Router Management Center (MC)
Basic work flow and tasks

The Router MC has an inherent basic user work flow as shown in Figure . Most Router MC tasks are ordered as follows:

Task 1 – Create an activity.
All router management and VPN configuration must be done within the context of an activity. When an activity is created, a proposal to create or change VPN or firewall configurations on specific routers is prepared. This proposal must be approved before configurations can be deployed to the routers.

Task 2 – Create device groups.
Organize the routers in a hierarchy. When device groups are created, the router inventory is strategically divided to facilitate management and deployment. All routers within a device group can share common policies, which can be deployed to a set of routers at the same time, rather than individually. Device groups help to keep a clear picture of the relationships between the routers in the network.

Task 3 – Import devices.
When devices are imported, the router information is brought into the device inventory, allowing administrators to manage the routers using Router MC. Router information can be imported by having Router MC query the routers directly or by importing router information that is contained in a file.

Task 4 – Define VPN and/or firewall settings.
There are two ways to complete this task:

  • If a VPN is being configured, the inside interfaces and internal networks on the hub and spoke must be specified, as well as the VPN interface on the spokes and the hubs to which the spokes are assigned. The method to be used for resiliency, either IKE keepalive or GRE, can be specified. Additional VPN settings not covered in the basic user workflow include more advanced configurations for GRE, and packet fragmentation.
  • If firewall policies to be deployed to the routers are being configured, the parameters required for implementing CBAC and for defining access rules, such as fragmentation, timeouts, half-open connections, logging, and ACL ranges, bust be defined.

Task 5 – Define VPN policies and/or firewall ACLs.
There are two ways to complete this task:

  • For VPN policy configuration, an IKE policy and a tunnel policy must be defined. The IKE policy defines a combination of security parameters to be used during IKE negotiation and authentication of peers. A tunnel policy defines the VPN connection from a spoke to its assigned hub. Tunnel policies are defined on the spoke are then implemented on the hub. The authentication and encryption algorithms that will be used to secure the traffic can be selected.
  • To define the network security policy for firewall policy configuration, ACLs must be used. ACLs provide traffic filtering by enabling the implementation of ACLs and CBAC inspection rules on the interfaces of the managed routers.

Task 6 – Approve the activity.
Upon completing the VPN or firewall configurations, the activity must be approved before the configurations are committed to the database, and can be deployed.

Task 7 – Create and deploy a job.
When a job is created the devices or device groups to which the configurations will be deployed are specified. Administrators have the option to deploy directly to the routers or to files. CLI commands are generated according to the configurations. These commands can be reviewed before deployment.

Common configuration tasks include:

  • Configuring general Cisco IOS Firewall settings
  • Building access rules
  • Using Building Blocks
  • Using Upload

These are shown in the demonstration activities below.


Interactive Media Activity

Demonstration Activity: Creating an Activity using Router MC

This demonstration explains how to create an activity using the Router MC.

Interactive Media Activity

Demonstration Activity: Creating Device Groups using Router MC

This demonstration explains how to create device groups using the Router MC.

Interactive Media Activity

Demonstration Activity: Define VPN Settings using Router MC

This demonstration explains how to define VPN settings using the Router MC.

Interactive Media Activity

Demonstration Activity: Defining VPN Policies using Router MC

This demonstration explains how to define VPN policies using the Router MC.

Interactive Media Activity

Demonstration Activity: Approving Activities using Router MC

This demonstration explains how to approve activites using the Router MC.

Interactive Media Activity

Demonstration Activity: Creating and Deploying Jobs using Router MC

This demonstration explains how to create and deploy jobs using the Router MC.

Interactive Media Activity

Demonstration Activity: Configuring General Cisco IOS Firewall Settings

This demonstration explains how to configure general Cisco IOS forewall settings using the Router MC.

Interactive Media Activity

Demonstration Activity: Building Access Rules

This demonstration explains how to build access rules using the Router MC.

Interactive Media Activity

Demonstration Activity: Using Building Blocks

This demonstration explains how to use building blocks with the Router MC.

Interactive Media Activity

Demonstration Activity: Using Upload

This demonstration explains how to upload router configurations using the Router MC.