While creating or updating a Business Policy rule and action, you can set the Network Service to Direct, Multi-Path, and Internet Backhaul.
Direct
Sends the traffic out of the WAN circuit directly to the destination, bypassing the
SD-WAN Gateway. NAT is applied to the traffic if the
NAT Direct Traffic checkbox is enabled on the
Interface Settings under the
Device tab. When you configure NAT Direct, consider the following limitations.
- NAT must hit traffic in edge routing table with Next Hop as either Cloud VPN or Cloud Gateway.
- NAT works for traffic to public IP addresses only, even if Business Policy allows to configure private IP addresses as destination.
Multi-Path
Sends the traffic from one SD-WAN Edge to another SD-WAN Edge, and from a SD-WAN Edge to a SD-WAN Gateway.
Internet Backhaul
While configuring the business policy rule match criteria, if you define the
Destination as
Internet, then the
Internet Backhaul network service will be enabled.
Note: The
Internet Backhaul Network Service will only apply to Internet traffic (WAN traffic destined to network prefixes that do not match a known local route or VPN route).
When the
Internet Backhaul is selected, you need to select one of the following:
- Backhaul Hubs
- Non SD-WAN Destinations via Gateway
- Non SD-WAN Destinations via Edge/Cloud Security Service
If Conditional Backhaul is enabled at the profile level, by default it will apply for all Business Policies configured for that profile. You can disable conditional backhaul for selected policies to exclude selected traffic (Direct and Multi-Path) from this behavior by selecting the Disable Conditional Backhaul checkbox in the Action area of the Configure Rule screen for the selected business policy. For more information, see Conditional Backhaul.