Configure Branch to SD-WAN Hubs VPN to establish VPN connection between branch and hubs.

Procedure

  1. From the SD-WAN Orchestrator, go to Configure > Profiles.
    The Configuration Profiles page appears.
  2. Select a profile you want to configure Cloud VPN and click the icon under the Device column.
    The Device Settings page for the selected profile appears.
  3. Go to Cloud VPN area and enable Cloud VPN by turning the toggle button to On.
  4. To configure Branch to SD-WAN Hubs, under Branch to Hubs, select the Enable checkbox.
  5. Click the Select Hubs link. The Manage Cloud VPN Hubs page for the selected profile appears.
  6. From Available Edges & Clusters, you can select and configure the Edges to act as SD-WAN Hubs or Backhaul Hubs.
    Note: An Edge cluster and an individual Edge can be simultaneously configured as Hubs in a branch profile. Once Edges are assigned to a cluster, they cannot be assigned as individual Hubs.
  7. To enable Conditional Backhaul, select the Enable Conditional BackHaul checkbox.
    With Conditional Backhaul (CBH) enabled, the Edge will be able to failover Internet-bound traffic (Direct Internet traffic, Internet via SD-WAN Gateway and Cloud Security Traffic via IPsec) to MPLS links whenever there is no Public Internet links available. When Conditional Backhaul is enabled, by default all Business Policy rules at the branch level are subject to failover traffic through Conditional Backhaul. You can exclude traffic from Conditional Backhaul based on certain requirements for selected policies by disabling this feature at the selected business policy level. For more information, see Conditional Backhaul.
  8. Click Save Changes.