Symptom
SD-WAN control connections from a Hardware Edge device are not (or are no longer) accepted by the controllers, starting with vBond, because the device certificate has expired.
On the Edge device, the output of "show control connection-history" shows REMOTE ERROR = BIDNTVRFD.
Note that "certificate expiration" is one of many causes for the BIDNTVRFD error code.
Conditions
SD-WAN Hardware Edge device (ISR or ASR) with an expired SUDI certificate.
Workaround
None, other than upgrading to a system image that contains this fix.
Further Problem Description
Certain Cisco Hardware Edge Devices contain a SUDI certificate that has an expiration date. This certificate is used by the Cisco SD-WAN orchestrators to identify the Edge Device. If the Edge Device's certificate has expired, the orchestrators will not allow the Edge Device to connect.