
[Guestshell](/guestshell) on a Cisco [IOS XE-based](/cisco-ios) [cEdge](/sd-wan-cedge) device offers a workaround for handling certificates during [SD-WAN](/sd-wan) onboarding, particularly when the automatic process is not possible or direct communication with a [Certificate Authority (CA)](/certificate-authority-structure) is unavailable. With Guestshell, users can generate certificate signing requests (CSRs), store certificates locally, and manually transfer them. Although Guestshell cannot function as a CA itself, requiring certificates to be signed externally before they can be installed, it provides increased flexibility in managing certificates under such constraints.

## Links

https://networklessons.com/cisco/cisco-sd-wan/cisco-sd-wan-cedge-onboarding

Guestshell as an SD-WAN Onboarding Certificate Workaround

Ethernet - role of FCS field

Ethernet - speed and duplex mismatches

Ethernet - speed and duplex settings on an ISR4431

Ethernet CSMA-CD

Ethernet VPN (EVPN)

Ethernet administrative and operational encapsulation

Ethernet administrative operational mode

Ethernet frame types

Ethernet header

Ethernet over IP (EoIP)

Ethernet

FHRP - Comparison Table

FHRP - HSRP Resign Message

FHRP - interaction with routing protocols

FHRP - which ports should you configure

FHRP Communication Between Redundant Routers

FHRP Hardware Limitations

FHRP Load Balancing Behavior

FHRP Protocols

FHRP communication path of keepalives

Fiber optic types

Fiber optics - Multi mode fiber optics characteristics

Fiber optics - Single mode fiber optics characteristics

Fiber optics - color coding

Fiber optics - connectors

Firewall Filtering HTTPS Traffic

FlexVPN Hub and Spoke backup routes

FlexVPN redundant hub with dual cloud

FlexVPN spoke to spoke communication fails with IPSec tunnel

FlexVPN

Frame Relay - is it a relevant technology anymore

Frame-Relay - emulating a Frame-Relay switch

Frame-Relay DLCI values

GLBP TLVs and Priority Values

GNS3 how to obtain Cisco IOS images

GRE - Keepalives and VRF-aware tunnels

GRE - Recursive routing error - AD solution

GRE - Recursive routing error - filtering solution

GRE - Recursive routing error

GRE - Understanding how keepalives work

GRE MTU settings

GRE Tunnel Addressing

GRE and IPSec

GRE tunnel and multicast

GRE tunnel key operation with only one tunnel key configured

GRE tunnels and how they transmit multicast packets

Gateway Load Balancing Protocol (GLBP)

Guestshell

HSRP - Deployment in Distribution Layer

HSRP - standby group numbers

HSRP Message Op Codes

HSRP Message Parameters

HTTP - viewing HTTP messages in Wireshark

Hardware - Application Specific Integrated Circuit (ASIC)

Hardware - Layer-3-aware ASIC and IGMP snooping

High-Level Data Link Control (HDLC)

Higher Bandwidth Doesn't Always Mean Faster Speeds

Home lab computer requirements

Hot Standby Router Protocol (HSRP)

How to learn Python for networking

How to practice labbing - best practices

How to prepare for Cisco DNA

IANA

ICANN

ICMP - Mitigating Vulnerabilities

ICMP - Vulnerabilities

ICMP - response to a ping that is blocked by an ACL

ICMP DF-bit in Echo Request and Reply

ICMP Echo Request and Reply Size

ICMP codes and types

ICMP

IEEE

IETF

IGMP - Snooping Querier Election

IGMP - Snooping Querier

IGMP - access group

IGMP - fast leave

IGMP - filtering using ACLs

IGMP - ip igmp snooping querier command

IGMP - membership report

IGMP - using VLAN access maps to filter multicast traffic

IGMP Join vs PIM Join in Multicast Routing

IGMP Snooping internal interface

IGMP Type 0x11 for Membership Queries

IGMP default IOS configurations

IGMP last member query interval

IGMP membership query max response time

IGMP membership reports destination

IGMP report suppression

IGMP snooping inspects PIM hello packets

IGMP snooping prevents report suppression

IGMP snooping source IP address for messages

IGMP version 1 how hosts stop receiving multicast traffic

IGMP

IGMPv2 - leave group message mechanism

IGRP

IOS - Configuration Archive and Rollback