Best Practices for Cloud VPN Configuration in Cluster Setups
search cancel

Best Practices for Cloud VPN Configuration in Cluster Setups

book

Article ID: 370633

calendar_today

Updated On:

Products

VMware

Issue/Introduction

In this article, we will talk about the recommendation on Cloud VPN settings for Edge Cluster. 

Environment

All SDWAN Edge software versions

Cause

If we enable "Branch to Branch Cloud VPN" settings in a Cluster edge profile without enabling "Cluster interconnect feature", then the edge Cluster will be moved to a Spoke role instead of HUB role and create route reachability issues. 

Note: Cluster edges should be always in the HUB role in the SDWAN network. 

Resolution

The edge cluster must always operate in the HUB role. Enabling Branch to Branch VPN in a Cluster or HUB profile is not recommended.

If you intend to establish an Overlay VCMP tunnel between two clusters, enabling the Interconnect feature under Hub or Cluster Interconnect is necessary.

More information on HUB or Cluster Interconnect feature: HUB or Cluster Interconnect

It is advisable to configure distinct profiles for Spoke and HUB/ Cluster edges

Powered by Wolken Software