
SDWAN-On Premises-SETUP

Dear Community,

I have one doubt about SD-WAN setup on premises. I read in some docs that we need a public IP for vBond (it can be NAT when we use on premises), but my question is: after the vEdge is authenticated by vBond and DTLS is completed, the next step will be that the vEdge needs to communicate with vSmart and vManage.

We don't have any NAT for vSmart and vManage, and these are in a private network, so how will my vEdge reach vSmart for authentication?

Can anyone clear this doubt: how will the branch reach vSmart and vManage?

Attached image for better understanding.

 

SDWAN.jpeg

2 Replies

gneslim
Level 1

Hi,

 

If your vManage and vSmart devices do not have access to the internet, the alternative for vEdges to talk to them will be through a reverse proxy. This configuration can be found in the Administration --> Settings screen. If configured properly, it will allow the devices to establish connections through an SSL proxy, which is an additional device that sits between the internet and the vManage/vSmart.

 

You can refer to the link here, which explains more on the reverse-proxy functionality.

 

 

Hi,

Even for the proxy option you will need public IP addresses. Basically, all controllers should have public IP addresses (either directly or via proxy/NAT). There is another option using "vbond as stun server", but this is the case where there are 2 transports (e.g. internet / MPLS) and you want to allow control controllers only over the private network MPLS.

Hence, for your deployment you will need public IP addresses for 1:1 NAT.

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html#ControllerDeployment

 

Regards,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.