03-08-2023 08:30 PM
Hi All.
I have Cisco SDWAN running well using Control Connection on DTLS. For some reason, our customer asked to change the control connection to TLS. Can someone please share a document on the pros and cons of using DTLS/TLS for the control connection on Cisco SDWAN? Thank you.
03-08-2023 08:59 PM
Hello,
You can try Chapter 2 of this document where it talks about DTLS/TLS:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/security/vedge/security-book.pdf
-David
03-09-2023 07:14 AM
Hi,
With vBond it is always DTLS. With vSmart/vManage it can also be TLS, and it is recommended as below (from the Cisco SD-WAN CVD):
"TLS is recommended since it uses TCP, which uses acknowledgments for greater reliability. TCP is also connection-oriented, so firewalls can maintain the state of the connections and allow return traffic without explicitly having to allow the traffic."
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html
HTH,