cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
949
Views
10
Helpful
7
Replies

C8KV on Azure how to work in sdwan?

HI Experts

There is currently a network renovation. We need to maintain the original network and deploy a new Cisco SDWAN network, and then allow the services on Azure to serve other branch sites through SDWAN.
We need to install C8KV on Azure, but some questions I am not sure about are as follows (I am new to Azure):
- Can we achieve redundancy of two C8KVs on Azure?
- Can we use VRRP between two C8KVs on Azure?
- How do we advertise Azure Cloud services(eg O365...) to other branch sites by C8KV?
-How many interfaces do we need to assign to C8KV? (we are in a vnet)
- Do we need to do anything else on Azure in order for C8KV to register with vManage and establish tunnels with other branches?

The above problems are all completed without affecting the existing network (for example, without affecting Azure cloud app services, branch networks), and it can be considered that a new link has been established between branches. If we can achieve our goal on Azure, how should we do it? It would be even better if there is a reference to the deployment documentation, thanks a lot.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
7 Replies 7

Lei Tian
Cisco Employee
Cisco Employee
Hello,

You can reply Cat8kv in Azure with few diff ent ways. You need understand your existing Azure environment to pick the right design. Questions you might ask yourself are: What’s the existing Azure infrastructure? Do you use Azure iWAN? Do you have vNETs in multiple regions? How does onprem connect to Azure? How’s traffic flow between onprem and Azure? Do you need firewall for vnet to vnet and vnet to onprem? Do you need segmentations in vNet?

Regards,
Lei Tian

there is one vnet with multiple subnets on azure.Whether we cloud onboard c8kv the same as physcial device (eg isr4k cedge)?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

Hello,

You can deploy Cat8kv in vNET like cEdge, but there is no vrrp. So you could use azure route server to establish bgp with redundant Cat8kv. Another option is to deploy redundant Cat8kv in differ vNET, then have ipsec/BGP between host vNET and Cat8kv vNET.

HTH,
Lei Tian

Thanks for your reply.

This sounds a lot clearer. Do you have a deployed configuration case to provide reference? How can we make the Azure App serve the branch through the C8KV overlay?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

Hello,
You can reference this deployment guide of CoR IaaS for Azure
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-cloud-onramp-iaas-azure-deploy-guide.html
The guide uses CSR1kv, which is cloud router before Cat8Kv, but logic is same. The change will be disruptive. To minimal impact, you can plan and pre-deploy vNET for Cat8Kv, and make host vNET routing change during change window.
For accessing Azure SaaS service over VPN, depends on the type of service, you might be able to achieve with Azure private link and DNS. Like this use case
https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints
Or you can take a look the Azure peering service.
https://docs.microsoft.com/en-us/azure/peering-service/about

HTH,
Lei Tian

Thanks for your sharing.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

The other most important question is whether this will break existing cloud applications and cause them to be disrupted. We hope to add an overlay tunnel for accessing cloud services without any impact.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

Review Cisco Networking for a $25 gift card