Add a Device Profile

Click Browse to upload a pre-created device profile in the JSON file format. The values in the pre-created device profile are automatically populated in the Create Device Profile page.

Click the Download this form into JSON file link to download and to save the profile in its current state (for example, when you want to save the current configured values for later reference or for maintaining a record).

Enter a name for the device profile.

The profile name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

Enter a name for the network implementation plan in which you want to use this profile. You can use the device profile only in the network implementation plan that you enter here. A network implementation plan with the name you enter here is auto-generated and listed on the Network Implementation Plan page (Inventory > Device Onboarding > Network Implementation Plan).

The plan name can contain alphanumeric characters and some special characters [hyphen (-) and period (.)] and cannot exceed 64 characters.

Configuration Template

Select one or more configuration templates that you want to include in the profile.

Use configuration templates to configure parameters that you cannot define in the profile or plan.

All the configuration templates present in the organization are listed here.

Select one or more device labels from the drop-down list. The labels that you select here are associated with the devices to which you assign this profile. You can use the labels to refer to the device in various contexts. For example, if you assign the label PE for provider edge devices, you can use the label to filter all PE devices present in your network.

You can also click the + Add new label link to add a new label to the profile, in the Add New Label page. The name of the label can contain alphanumeric characters and some special characters [hyphen (-) and period (.)] and cannot exceed 64 characters. See Add Labels.

Select the software image to be installed on the device. During device onboarding, Paragon Automation checks whether the software version installed on the device matches the version you enter here. If the software version does not match, the software version that you specify here is installed on the device.

You can view the images that are uploaded to Paragon Automation here.

Enter the ID or number of the AS to which you want to assign the device.

Range: 1 through 4,199,999,999

Click to enable (default) or disable Paragon Automation to run compliance scans on the device for assessing the integrity and potential vulnerabilities on the device and to calculate compliance score for the device.

The compliance score of a device indicates compliance of the device with the rules defined in the Center for Internet Security (CIS) benchmarks.

Click to enable or disable (default) automatic router ID configuration on a device during device onboarding.

If you enable automatic router ID configuration, the IPv4 loopback address of the device is used as the router ID.

Click to enable or disable (default) automatic IPv4 loopback address configuration on the device.

If you enable automatic IPv4 loopback address configuration, Paragon Automation assigns the IPv4 loopback address automatically from the IPv4 address resource pool.

For automatic configuration of IPv4 loopback address, you must have IPv4 loopback address resource pools uploaded to Paragon Automation. Otherwise, the IPv4 loopback address is not assigned to the device and device onboarding fails. See Add Network Resource Pools for adding information about resources pools.

If you disable this option, you can configure the loopback address when you add devices to a network implementation plan.

Click to enable or disable (default) IS-IS protocol configuration on the device.

If you enable ISO Network Address, configure the area ID and system ID.

Enter the area ID to be assigned to the device for IS-IS protocol configuration.

Range: 01 through 99

Click to enable (default) or disable auto-generation of a system ID for IS-IS protocol configuration.

If you choose to auto-generate the system ID, the value assigned is usually the host part of the device’s IP4 loopback address in the binary-coded decimal (BCD) format.

For automatic configuration of System ID, you must have IPv4 loopback address resource pools uploaded to Paragon Automation. Otherwise, the System ID is not assigned to the device and device onboarding fails. See Add Network Resource Pools for information about adding resources pools.

If you explicitly specify the system ID, we recommend that you use the IPv4 loopback address represented in the BCD format. For example, if the loopback address is 192.168.1.77, the system ID should be 1921.6800.1077.

Click to enable or disable (default) BGP configuration on the device. If you enable BGP configuration, add an internal or external BGP peer group for the device. For information about the configurable fields to add a BGP group, See Table 2.

You can also edit and delete BGP peer groups of a device from here.

Click to enable or disable (default) path computation element protocol (PCEP) configuration on a device.

If you enable PCEP, configure the IPv4 path computation element (PCE) address in your network.

IPv4 address of the PCE in your network.

Click to enable or disable (default) traffic engineering (TE) configuration on your device.

If you enable TE, add tunnels [label-switched paths (LSPs)] for TE. See Table 3.

You can also edit and delete tunnels from here.

Click to enable or disable (default) segment routing configuration on a device.

If you enable segment routing, configure start label and index range for the OSPF and IS-IS protocols, and the node segment identifier (SID) (referred to as IPv4 index) for a device.

Enter a start label for the segment routing label block. This label is advertised using the OSPF protocol.

Range: 16 through 1,048,575

Enter the range of label values that you want to use as the SID for a device.

Range: 32 through 1,048,559

Enter a start label for the segment routing label block. This label is advertised using the IS-IS protocol.

Range: 16 through 1,048,575

Enter the range of label values that you want to use as SID for a device.

Range: 32 through 1,048,559

Click to enable or disable (default) the automatic configuration of the IPv4 node SID for segment routing.

For automatic configuration of IPv4 index, you must have the segment identifier resource pools uploaded to Paragon Automation. Otherwise, the IPv4 index is not assigned to the device and the device onboarding process fails. See Add Network Resource Pools for information about adding resources pools.

Click to enable or disable (default) the test agents installed on ACX routers and x86 platforms to run connectivity test to the edge devices in your network.

If you enable running connectivity tests to the edge devices, configure the labels and IPv4 addresses of the edge devices.

Select the device labels for edge devices. Test agents run connectivity tests to all devices that share the device label.

Enter the IPv4 addresses of edge devices to which test agents on the device run connectivity tests.

Click to enable or disable (default) the test agents that are installed on devices to run connectivity tests to the Internet endpoints such as Web servers and DNS servers in your network.

If you enable running connectivity tests to the Internet endpoints, you must configure the endpoints for the connectivity test.

Click + to add Internet Endpoints for connectivity checks. Configure the following:

• Name—Enter the name of the Internet endpoint server.

• URL—Enter the URL of the Internet endpoint server in host[:port]/[path] format. For example, www.example.com/v1.

• Click Add common endpoints to select common endpoints from the list.

Click the check mark to save the endpoints.

Enter the IPv4 address of the internal or external DNS server to which the test agent runs a ping connectivity test.

Click to enable or disable (default) the test agents installed on devices from running connectivity tests to hosts in the Cloud Provider's network.

If you enable running connectivity tests to the cloud provider endpoints, you must configure the cloud provider endpoints.

Configure the parameters to check connectivity from a device to the cloud provider network. To configure connectivity tests to cloud provider endpoints:

1. Select a cloud provider (Amazon Web Services [AWS], Microsoft Azure, or Google Cloud Platform) in the Cloud Providers list to which connectivity is to be tested.

2. (Optional) Click Edit to change the default delay and delay variance threshold values for the selected cloud provider.

   You can edit the values as per your preference and click the check mark to save the edited values.

3. Click Save.

   Paragon Automation runs connectivity checks to the configured cloud provider endpoints during device onboarding.

Enter a name for the BGP peer group of the device.

The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

Select a type of BGP peer group for the device:

• Internal (IBGP) Peer

• External (EBGP) Peer

Enter the AS number of the device's BGP peer groups.

The value can range from 1 to 4,199,999,999.

Select one or more IP address families from the drop-down list that a device can support for BGP sessions with peers.

Click to enable or disable (default) the BGP peer group as the source for BGP-LS information.

If you enable this option, the devices in this group provide the BGP link state information to Paragon Automation.

Select one or more labels of devices that belong to the BGP peer group. All devices that share the label you enter here become part of the peer group.

We recommend that you use labels for specifying BGP neighbors as one label can represent multiple devices.

Enter the IPv4 address (in dotted decimal notation) of the devices that you want to add in the BGP peer group. For example, 10.2.3.4.

Select one or more BGP cluster IDs to which you want to assign the devices from the BGP peer group.

Click the Manage Clusters link to add, modify, or delete BGP clusters. To add a BGP cluster:

1. Click Manage Clusters.

   The BGP Route Reflector Clusters page appears.

2. Click the add (+) icon.

   The Name and Cluster Identifier fields are enabled.

3. Enter a name for the BGP cluster in the Name field.

   The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

4. Enter an IP address for the BGP cluster in the Cluster Identifier field.

   Do not enter a value for the cluster ID if you want Paragon Automation to automatically assign the cluster ID.

   For automatic configuration of cluster IDs, you must have BGP cluster ID resource pools uploaded to Paragon Automation. Otherwise, the cluster IDs are not assigned to the BGP clusters, and the device onboarding fails.

Enter a name for the tunnel.

The name can contain alphanumeric characters and some special characters [hyphen (-), underscore (_), period (.), and colon (:)] and cannot exceed 64 characters.

Select the type of protection you want to configure for the tunnel:

• none: The tunnel does not have any protection.

• link: The links in the tunnel are protected.

• node-link: Both the devices and the links in the tunnel are protected.

• detour: The tunnel is protected by a secondary tunnel.

Select the labels of the devices where you want the tunnel to end.

We recommend that you use labels to specify devices for tunnel destination.

Enter the IP addresses of the devices where you want the tunnel to end.

Click to enable (default) or disable the automatic configuration (static configuration) of the tunnel bandwidth.

If you disable auto configuration (static), specify the tunnel bandwidth in Kbps, Mbps, or Gbps. For example, 5 Mbps.