SD-WAN Orchestrator for On-premises log-in

This article describes how a customer can first time log in to the SD-WAN Orchestrator for On-premises.

Following are the prerequisites that you need to have before login to the SD-WAN Orchestrator for On-premises:

  • You must have a Citrix Cloud Account. For more information, see Customer accesses SD-WAN Orchestrator.

  • To use SD-WAN Orchestrator for On-premises, you must have an account in the Citrix SD-WAN Orchestrator service. For more information, see Onboarding Citrix SD-WAN Orchestrator service.

  • Create an administrator with custom privileges.

  • Create a client from the API Access page to get the customer ID, ID, and Secret detail. These details are needed during the on-premises Orchestrator log on.

Note

Without the Cloud login, you cannot proceed to the local login.

Create Administrator

An enterprise customer can invite an administrator to manage their SD-WAN network. Perform the following steps to invite an administrator:

  1. Log in to the Citrix Cloud and navigate to Identity and Access Management.

    Identity and access management

  2. Go to Administrators page and select Citrix Identity from the identity provider drop-down list.

    Citrix identity

  3. Enter the new administrator email id and click Invite.

    Citrix identity administrator

  4. It is recommended to set the custom access for the administrator. Select the Custom access radio button. Select the Secure Client check box from the General Management section and SD-WAN check box.

    Citrix identity administrator

  5. Click Send Invite.

Once you created the administrator account, login through the administrator account to generate the API keys.

Note

If you already have a custom administrator role, they you can use it to create the API token.

Generate API token

Perform the following steps to log in to the on-premises Orchestrator.

  1. Log in to the Citrix Cloud and navigate to Identity and Access Management.

    Identity and access management

  2. Go to API Access page.

    API access

  3. Create a client. Note down the Customer ID that you need later for login to the on-premises Orchestrator.

    Create client

  4. On click of Create Client, it provides you the ID and a Secret key that you can copy and save, or download.

    ID and secret

  5. Go to your Citrix Hypervisor (XenServer/VMware) and boot up the on-premises Orchestrator.

  6. Once the SD-WAN Orchestrator for On-premises is booted up, provide the default user name (admin) and Password (password).

    Note

    It is mandatory to change the default admin user account password on a first time logon. This change is enforced using both CLI and UI.

  7. If the DHCP server is not configured in the SD-WAN network, you have to manually enter a static IP address. To configure a static IP address as the management IP address:

    • In the console, enter the CLI command management_ip.
    • Enter the command set interface <ipaddress> <subnetmask> <gateway>.

    Note

    • The management IP address is the IP address of the Citrix on-premises SD-WAN Orchestrator virtual machine, use this IP address to log into the Citrix on-premises SD-WAN Orchestrator Web UI.
    • The management interface can be configured via the two methods – CLI and DHCP.
  8. Once the SD-WAN Orchestrator for On-premises is booted up, by default it is configured with DNS servers 9.9.9.9 & 149.112.112.112 as primary and secondary respectively. If necessary, you can change the DNS server IP address using the following commands:

    • In the console, enter the CLI command set_dns.
    • Enter the command set primary <ipaddress> and then enter y to confirm the change.
    • Enter the command set secondary <ipaddress> and enter y to confirm the change.

    DNS service configuration using CLI

  9. Open a new browser using the management IP. The following screen appears:

    Citrix Cloud management IP

  10. Provide the Customer ID, Client ID, and Client Secret that you saved or downloaded earlier while creating the client from the cloud Orchestrator. Select the POP in which your cloud account was on boarded. You cannot change the POP after a successful login.

    Note

    This screen appears once in 15 days. For the subsequent log on/out, you see only the local login page.

  11. Provide the default user name and password on the local login page.

    Default user name and password

You can see the SD-WAN Orchestrator for On-premises Dashboard page appears.

Dashboard

SD-WAN Orchestrator for On-premises log-in