To configure Branch to Branch VPN, perform the steps on this procedure.

Procedure

  1. In the Enterprise portal, click Configure > Profiles.
    The Configuration Profiles page appears.
  2. Select a profile you want to configure Cloud VPN and click the icon under the Device column.
    The Device Settings page for the selected profile appears.
  3. Go to Cloud VPN area and enable Cloud VPN by turning the toggle button to On.
  4. To configure a Branch to Branch VPN, under Branch to Branch VPN, select the Enable checkbox.
    Branch to Branch VPN supports two configurations for establishing a VPN connection between branches:
    Configuration Description
    Using a VeloCloud Gateway In this option, the closest gateway is used to establish VPN connections between Edges. The VeloCloud Gateway may have traffic from other users.
    Using a VeloCloud Hub In this option, one or more Edges are selected to act as hubs that can establish VPN connections between branches. The hub will be your asset and will only have your corporate data on it, improving overall security.
  5. To enable profile isolation, select the Isolate Profile checkbox.
    If profile isolation is enabled, then the edges within the profile will not learn routes from other edges outside the profile via the SD-WAN Overlay.
    You can enable Dynamic Branch To Branch VPN to all edges or to edges within a Profile. On selecting the Enabled checkbox, by default the dynamic branch to branch VPN is configured for all edges. To configure dynamic Branch to Branch VPN by profile, make sure the Isolate Profile checkbox is unselected.
    Note: When Profile Isolation is enabled, Dynamic Branch To Branch VPN can only be enabled to edges within Profile.
  6. Click Save Changes.