Hi all,
I have a question regarding configuring a vEdge as a vBond...
I was following this Cisco Live document on how to create a SDWAN home lab
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/LTRRST-2734-LG.pdf
On page 27 it says you have to specify encapsulation ipsec on the tunnel interface of the vBond (and only for the vBond, neither for the vSmarts nor for the vManage)
My understanding is that the vBond only creates permanent DTLS tunnels with the vSmart and vManage and temporary DTLS tunnels with Wan Edge routers for discovery and authentication purposes. So at no point does the vBond need an IPSec encapsulation in its tunnel interface since it will never use IPSec.
So what’s the point of the ipsec encapsulation configuration under the tunnel interface ?
Thanks
SB
