Configure a Non SD-WAN Destinations via Gateway

VMware allows the Enterprise users to define and configure a Non VMware SD-WAN Site instance and establish a secure IPSec tunnel to a Non VMware SD-WAN Site through a SD-WAN Gateway.

To configure a Non SD-WAN Destinations via Gateway:

Procedure

From the navigation panel in the SD-WAN Orchestrator, go to Configure > Network Services.
The Services screen appears.
In the Non SD-WAN Destinations via Gateway area, click the New button.
The New Non SD-WAN Destinations via Gateway dialog box appears.
In the Name text box, enter a name for the Non VMware SD-WAN Site.
From the Type drop-down menu, select an IPSec tunnel type.
VMware supports the following Non VMware SD-WAN Site type configurations through SD-WAN Gateway:
- Check Point
- Cisco ASA
- Cisco ISR
- Generic IKEv2 Router (Route Based VPN)
- Microsoft Azure Virtual Hub
- Palo Alto
- SonicWALL
- Zscaler
- Generic IKEv1 Router (Route Based VPN)
- Generic Firewall (Policy Based VPN)
  Note: VMware supports both Generic Route-based and Policy-based Non VMware SD-WAN Site from Gateway.
Enter an IP address for the Primary VPN Gateway (and the Secondary VPN Gateway if necessary), and click Next.
A Non VMware SD-WAN Site is created.
Note: To support the datacenter type of Non VMware SD-WAN Site, besides the IPSec connection, you will need to configure Non VMware SD-WAN Site local subnets into the VMware system.

What to do next

Configure tunnel settings for your Non VMware SD-WAN Site. For more information about configuring tunnel settings for various IPSec tunnel types, see:
Associate your Non VMware SD-WAN Site to a profile or Edge. For more information, see:
- Configure a Tunnel Between a Branch and a Non SD-WAN Destinations via Gateway
- Configure a Tunnel Between a Branch and a Non SD-WAN Destinations via Edge
Configure Business Policy. For more information, see Create Business Policy Rules.