Hi community,I am implementing the Cisco SD-WAN TLS proxy but cannot understand the difference between the two Proxy actions - "pass-through" vs. "do-not-decrypt." According to the documentation, "pass-trough" means the ClientHello message passes thr...
Hi, community,Can we match and act on user traffic that goes through the data plane IPsec tunnels with an Access-list (localized data policy) applied on the local transport interface on a router? The official configuration guide is unclear whether we...
Hi Jean,IMO, you can apply an inbound centralized control policy to this site, filter out this exact vroute and accept all others (set the default action to accept). This will prevent the route from entering vSmart's VPN1 route table and, consequentl...
Msizi,I think you try to install the root certificate using the CLI command for installing a device certificate. I think you should try with "request platform software sdwan root-cert-chain install bootflash:ROOTCA.pem".HTH, Ivan
Hi,I used to have a home EVENG lab on SD-WAN ver 20.3.4 with 1 vManage, 2vSmarts, 2vBonds, and 6vEdges, including a few IOL routers and three WIN7 hosts for opening websites, iperf, etc. My setup is Intel Core i5 10400 (12 vCPUs) and 48Gb RAM. Everyt...
In the official Cisco SD-WAN configuration guide, it is stated that Scheduling happens after the Local Egress Policy (screenshot attached). Refer to the link below.https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/qos/vEdge-20-x/qos-b...
Well, in the official ciscopress book on Cisco SD-WAN it is stated that Queueing and Scheduling happen after the Local Egress Policy. (see attached image).It doesn't make sense to place packets in Low-latency Queue and then make ACL lookup and drop t...
