This chapter describes the basic management operations for the SCC. It includes the following sections:

This section describes how to register and configure SteelHeads, Interceptors, Mobile Controller, and Cores with the SCC. This section includes the following topics:

All SteelHeads, Interceptors, Mobile Controllers, Cores, and Edges are shipped with SCC management and automatic registration enabled.

To disable automatic registration, see the SteelCentral Controller for SteelHead User Guide or the SteelHead User Guide.

To complete registration from the SCC, enter the following information about the appliance into the Appliances page of the SCC:

With this information, the SCC can connect to and manage the SteelHead. If you enable Common Administration Login, the SCC uses a single username and password to manage all appliances. The appliance-specific username and password are ignored. A single username and password is useful if the account used by the SCC to authenticate is the same across the organization or the SCC account is authenticated through TACACS+ or RADIUS.

For more information about using a single username and password, see the SteelCentral Controller for SteelHead User Guide. For details on automatic registration, which doesn’t require the SteelHead serial number, see Automatic registration.

Automatic registration allows a new appliance installed in an existing SCC-managed environment to automatically contact the SCC and register itself. Automatic registration is useful in environments in which you want to ship an appliance to a remote office and have a nonadministrator operator connect the appliance into the network.

To use automatic registration, prepare the appliance for registration with the SCC by entering the IP address or DNS-registered hostname of the SCC when you run the configuration wizard on the appliance. We recommend that you set up your DNS servers to resolve riverbedcmc to the primary interface IP address of your SCC. If you configure your DHCP servers to forward the correct DNS settings, any appliance added into the network and powered on should automatically register with the SCC.

Alternatively, you can use the cmc enable and cmc hostname commands. If you do not change the default hostname, it remains riverbedcmc.

If the appliance password has changed from the default, the SCC can automatically register the appliance, but it can’t connect to nor manage it. The appliance appears as disconnected on the Appliances page. To continue the automatic registration process, from the Edit Appliance page, select Edit Appliance and enter the correct password.

If automatic registration is not working, use the show cmc command to verify that automatic registration is enabled. If the show cmc command indicates that the hostname is correct, but autoregistration is not working, check the SteelHead name server search-path configuration using the show host command. Use the cmc hostname <hostname> command to change the SCC hostname (by default, riverbedcmc in DNS).

Registration doesn’t change the appliance configuration. It allows the SCC to communicate with the appliance. Configuration of the appliance is completed either automatically or manually through a policy push.

For more details on automatic registration, see the SteelCentral Controller for SteelHead User Guide.

In SCC 9.0 and later and SteelHeads running RiOS 9.0 and later, there’s a second, full duplex-persistent communication channel established between the SteelHead and the SCC. This channel is:

You can view the status of these two communication channels on the SteelHeads using the following CLI command:

You must establish these two communication channels to the same SCC for a SteelHead to be fully manageable by the SCC. By default, a SteelHead tries to connect to the SCC using the hostname riverbedcmc. Make sure that your DNS system points the hostname riverbedcmc to the correct SCC that’s managing the appliance.

To change the SCC hostname, enter the following command while in configuration mode:

You can establish the SSH-based communication channel through a manual registration of the appliance in SCC while the HTTPS-based communication channel is disconnected because the default hostname riverbedcmc is unresolvable. For more details on the impact of such a situation, go to Knowledge Base article S25613.

Automatic configuration allows a SteelHead, Interceptor, Mobile Controller, Core, and Edge that’s registered with the SCC to automatically download its configuration when you add it as a new appliance and it connects to the SCC.

To confirm that automatic configuration is enabled, check the Auto Configure column on the Appliances page before you add the SteelHead or SteelHead Interceptor. The Auto Configuration column indicates whether a SteelHead and SteelHead Interceptor has the Enable Auto Configure check box selected on the Edit Appliance page. Checking the Enable Auto Configure check box pushes the configuration out one time. After the configuration is pushed, the check box is automatically cleared.

If automatic configuration is not enabled, the appliance configuration, including nonpolicy configuration settings found on the Appliance Pages tab on the Appliances page, is updated only when policies are pushed to the appliance.

The SCC has very little knowledge of a change that you apply directly to the SteelHead. You want to change settings directly on the SteelHead only:

This section describes how to enable local changes on a SteelHead that’s under SCC management.

A common mistake is to make a configuration change on a SteelHead locally, and then have the changes disappear the next time policies are pushed from the SCC. We recommend that you make all configuration changes for an SCC-managed SteelHead through the SCC. SteelHead settings are available in the SCC as a policy or on the Appliance Pages. You can change any settings not covered by a policy in the Appliance Pages tab.

You can also manage appliances as a cluster. For more information, see Appliance Clusters.