Skip to content

Setting Up AWS Cloud WAN with Cisco SD-WAN Cloud onRamp v20.15

This guide will walk you through the process of configuring AWS Cloud WAN integration with Cisco SD-WAN using the Cloud onRamp for Multicloud feature in vManage.

Prerequisites

Note: These are provided in dCloud, but will be needed if configuring in your own account

  • Access to vManage interface
  • C8Kv device list already uploaded to vManage
  • AWS account with appropriate permissions
  • Access and Secret keys for AWS account

Lab Environment Setup

Step 1: Access the Lab Environment

  1. Navigate to your dCloud session and select Jumphost.

  2. On the left panel, click Web RDP to launch the Windows instance in your browser.

    Access Web RDP

  3. If the browser is not already open, click the browser launch icon to access the AWS portal.

    Launch Browser

  4. Click Send Request in the AWS account request box. The system will show a "Loading..." status while processing.

    Request AWS Account Loading Status

  5. For optimal experience, access the AWS console through your local browser:

    • Right-click the URL and select "Copy"
    • Open your local browser (outside the RDP session) and paste the URL
    • Wait approximately 5 minutes for account provisioning
    • Click Go to Cloud when the button becomes available

    Note: Safely proceed to the next step while you wait for account provisioning

    Copy AWS URL AWS Portal Ready

Step 2: Access vManage in Your Local Browser

  1. Return to your dCloud session in your local browser and click Info at the top, then select AnyConnect Credentials.

    AnyConnect Credentials

  2. Open AnyConnect VPN client and enter the provided VPN domain.

    AnyConnect Setup

  3. Enter the DemoUsername and DemoPassword provided in the dCloud portal.

    VPN Authentication

  4. After connecting to the VPN, open a new browser tab and navigate to: 198.18.133.10

  5. Click Advanced, then Proceed...(unsafe) to bypass the certificate warning.

    Certificate Warning Proceed Unsafe

  6. Log in to the vManage environment using:

  7. DemoUsername: admin

  8. DemoPassword: C1sco12345

    Login to vManage You now have access to both an AWS account and the vManage environment needed to complete this lab.

Configuration Steps

Step 1: Create Site Hierarchy

First, you need to organize your site hierarchies. We will just create a single site for this lab which will represent a hub location of 1 or more C8000vs in an AWS Transit VPC.

  1. Log in to the vManage console

  2. Navigate to Configuration > Network Hierarchy

    Site Config

  3. Click on the ... besides Global Nodes and add site

    Site Config2

  4. Name of SITE_1000 and ID of 1000 , feel free to add a location as well.

    Site Config3

Step 2: Configure Cloud OnRamp for Multicloud

  1. From the Cisco SD-WAN Manager menu, navigate to Configuration > Cloud OnRamp for Multicloud

  2. Connect your AWS account by providing AWS Access and Secret keys

    AWS Access

  3. Under Cloud Global Settings, click Add

    Global Settings Add

  4. Complete the Cloud Gateway Global Settings

    Note: For the IP subnet pool, you can use the smart default suggested or leave it blank and configure during the gateway creation process.

    Cloud Gateway Configuration

Step 3: Create Cloud Gateway

  1. On the Cloud OnRamp dashboard, click Create Cloud Gateway

  2. Fill in the required details:

    • Give the Cloud Gateway a name, e.g., SDWAN-Hub-us-west-2
    • Use software version 17.15.03a
    • Set the IP subnet pool CIDR for your Transit VPC
    • Set Tunnel count (typically 1 for 8kv to AWS connections)
    • No SSH key is required
    • UUIDs will be added automatically when the site is selected

    Important

    17.15.03a must be used as it is a whitelisted/approved AMI inside this dCloud AWS IAM environment

    Gateway Deployment

  3. Wait for the deployment to complete

    • This process takes approximately 30 minutes as it configures all required components in AWS using SDK calls (not Cloud Formation)

Verification

Verify deployment in AWS

  • Core Infrastructure Status
    • Global Network status: Available (AWS Console → Cloud WAN → Global Networks → [Select your Global network])
    • Core Network status: Available (... → Core Network → Details (horizontal tab) )
    • Policy version: Latest, no errors (... → Core Network → Policy Versions)
  • Core Infrastructure Attachments
    • VPC and Connect Attachment status: Available (... → Core Network → Attachments)
    • Connect Peers BGP Status: UP (... → Core Network → Attachments → Connect Attachment → Details)

Verify deployment in vManage

  • Cloud Gateway Status: 2 Reachable (vManage Console → Configuration → Cloud OnRamp for Multicloud → Manage → Gateway Management )

Conclusion

You have now successfully set up AWS Cloud WAN integration with Cisco SD-WAN using Cloud onRamp for Multicloud. The deployed configuration establishes secure connectivity between your SD-WAN fabric and AWS network infrastructure.