PDF(605.2 KB) View with Adobe Reader on a variety of devices
ePub(561.0 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(375.6 KB) View on Kindle device or Kindle app on multiple devices
Updated:November 3, 2022
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes how to recover your SD-WAN vSmart and vBond access after your credentials are lost.
There are no specific requirements for this document.
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Access to vBonds and vSmarts has been lost. This happens when you do not know or remember your credentials or access is locked after excessive and unsuccessful attempts to log into either interface. At the same time, the Control Connections between vManage, vSmarts, and vBonds are still established.
Step 1. Unlock the Credentials if necessary
These steps help you to identify a locked username and how to unlock them.
In case the account has been locked due to excessive failed login attempts you can see the 'Account locked due to X failed logins' message every time we type the username.
Based on the device model selected, you can choose from which device the vManage loads the Running Configuration.
The Device Model, Template Name, and Description values need to be entered in order to create the Template.
As soon as the configuration is generated in the CLI template, you can review Step 4 to modify the password.
Option B. Load the Configuration from vManage Database
In case you cannot load the configuration automatically in the CLI, you can still manually obtain the configuration of the device and create the CLI Template from that information.
vManage always has a backup configuration from all devices stored in its Database.
Navigate to vManage>Configuration>Controllers>Device> … >Running Configuration vManage>Configuration>Controllers>Device> … >Local Configuration.
Note: Running vs Local Configuration. Running Configuration means that the vManage needs to request the configuration information for the device. Local Configuration means the vManage shows the information already stored in its Database.
After the Local Configuration pops up, you can copy the whole configuration into a NotePad.
You need to create a new CLI template.
Navigate to vManage>Configuration>Templates>Create Template>CLI template.
The Device Model, Template Name, Description, and Config Preview values need to be entered in order to create the template. The configuration copied from Local Configuration needs to be pasted into config preview.
Caution: For vBond, you must select vEdge cloud. Every other device has its own specific model.
Step 3. New Credentials
After the template is created, you can replace the encrypted password or add new credentials.
Option A. Change the lost password
You can modify the configuration to ensure you use a known password.
You can highlight and replace the encrypted password with a plain text one.
Note: This plain-text password is encrypted after the template push.
Option B. Add a new username and password with Netadmin privileges
If the changes to the password are not allowed, you can add new credentials to ensure accessibility.
user newusername < Creates username password password < Creates the password group netadmin < Assigns read-write privileges
Click Add to Save the Template.
Step 4. Template Push to the Device
The next step is to push the CLI template to the device to change the Running Configuration.
After the template has been saved, you can attach it to the device.
Navigate to vManage>Configuration>Templates> Select the Template>… >Select the device > Attach.
Click Attach to review the config preview.
When you check the Config Diff, you can see either the password has changed or the new credentials were added.
To push the Template, click Configure Devices.
After the vManage confirms the Ttemplate push ended successfully, you can use your new credentials to access the device via SSH.