Configue SD-WAN- with Advpn
Hub
Network ðSD-WAN
ðCreate New ðSD-WAN
Zone ð
ðSD-WAN
Member ðSD-WAN
Zone (advpn-sdwan) ð Interface ðVPN
Next ðCreate ðClose
Create advpn 2
SD-WAN Member ð
SD-WAN Zone (advpn-sdwan) ðInterface
ðVPN
Next ðCreate
ðClose
Set ip on Advpn Interface
Network ðInterface
ðadvpn-hub1 ðEdit ð
Network ðInterface
ðadvpn-hub2 ðEdit ð
Edit some setting in VPN
VPN ðIPsec
Tunnels ð (advpn_hub1)
ðEdit ðConvert To Custom
Tunnel ð
VPN ðIPsec Tunnels ð (advpn_hub2) ðEdit
ðConvert To Custom
Tunnel ð
Configure Firewall Policy Hub
Spoke to Hub
Policy & Objects ðFirewall Policy ðCreate New ð
Add more rule hub to spoke (we
can clone reverse)
Ok
Add one more Spoke to Spoke
Configure Route BGP on Hub
Network ðBGP
ð
Bgp-hub1
Bgp-hub2
Ok
Apply
Configue SD-WAN- with advpn
Spoke1
Network ðSD-WAN
ðCreate New ðSD-WAN
Zone ð
Create New ðSD-WAN
Member ð
(wan1)
Next ðCreate
ðClose ð
Crate SD-WAN spoke1 more (wan2)
Create New ðSD-WAN Member
Next ðCreate
ðClose
Ok
Chage some setting in VPN
Ipsec
VPN ðIPsec Tunnels ðspoke1-1 ðEdit
ðConvert To Costom
Tunnel ðNextwork
ðEdit
spoke1-2
Now connection vpn is up
Set ip interface advpn-spoke
(spoke1 and spoke1-2
Network ðInterface
ðspoke1-1 ðEdit
ð
Ok
Ok
Configure Firewall Policy
Policy & Object ðFirewall
Policy ðCreate
New ð
Configure Routing Protocol BGP
Netwok
And then Edit CLI for neighbor
Apply
Spoke2 configure the same
spoke1 you just change ip vpn
Interface
spoke1 10.10.10.3
10.10.10.254/24
Interface
spoke1-1 20.20.20.3
20.20.20.254/24
Configure advpn-sdwan rule on
Hub
Interface ðSD-WAN
ðPerformance SLAs ðCreate New ð
Interface ðSD-WAN
ðSD-WAN Rule ðCreate New ð
Configure advpn-sdwan rule on
spoke1
Interface ðSD-WAN
ðPerformance SLAs ðCreate New ð
Ok
Interface ðSD-WAN
ðSD-WAN Rules ðCreate New ð
Ok
Configure advpn-sdwan rule on
spoke2 (the same spoke 1)