cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Choose one of the topics below for SD-WAN Resources to help you on your journey with SD-WAN

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

352
Views
0
Helpful
2
Replies

SDWAN-On Premises-SETUP

Dear Community , 

I have one doubt with SDWAN - Setup on premises as i read some docs that we need Public IP For Vbond ( it can be NAT when we use on premises ) , but me Question is after Vedge is authenticated by Vbond and DTLS is completed then Next step will be vedge needs to communicate between vsmart and vmanage . 

We don't have any Nat for Vsmart and vmanage and this are in Private network so how my Vedge will Reach Vsmart for authentication .

Can any1 Clear this doubt how Branch will reach vsmart and vmanage .  

Attached Image for better understanding .

 

SDWAN.jpeg

2 REPLIES 2
gneslim
Beginner

Hi,

 

If your vManage and vSmart devices do not have access to the internet, the alternative for vEdges to talk to them will be through reverse-proxy. This configuration can be found in Administration --> Settings screen. If configured properly, it will allow the devices to establish connections through a SSL proxy, which is an additional device that sits between the internet and the vManage/vSmart.

 

You can refer to the link here which explains more on the reverse-proxy functionality.

 

 

Kanan Huseynli
Participant

Hi,

even for proxy option you will need public IP addresses. Basically, all controllers should have public IP addresses (either directly or via proxy/NAT). There is another option using "vbond as stun server", but this is the case where there are 2 transports (e.g internet / mpls) and you want allow control controllers only over private network mpls.

Hence, for your deployment you will need public IP addresses for 1:1 NAT.

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html#ControllerDeployment

 

Regards,