After configuring a Non SD-WAN Destination via Edge in SASE Orchestrator, you have to associate the Non SD-WAN Destination to the desired Profile in order to establish the tunnels between SD-WAN Gateways and the Non SD-WAN Destination.

To establish a VPN connection between a branch and a Non SD-WAN Destination configured via Edge, perform the following steps:

Procedure

  1. In the SD-WAN service of the Enterprise portal, go to Configure > Profiles.
  2. Click the link to the Profile or click the link under the Device column of the selected Profile.
    The Device Settings page for the selected profile appears.
  3. Go to the VPN Services area and activate the Cloud VPN by turning on the toggle button.
  4. To establish a VPN connection directly from a SD-WAN Edge to a Non SD-WAN Destination (VPN gateway of Cloud provider such as Azure, AWS), under Non SD-WAN Destination via Edge, select the Enable Non SD-WAN via Edge check box.
  5. From the list of configured Services, select a Non SD-WAN Destination to establish VPN connection. Click Add to add additional Non SD-WAN Destinations.
    Note: Only one Non SD-WAN Destinations via Edge service is allowed to be activated in at most one segment. Two segments cannot have the same Non SD-WAN Destinations via Edge service activated.
  6. To deactivate a particular service, deselect the respective Enable Service check box.
  7. Click Save Changes.
    Note: Before associating a Non SD-WAN Destination to a Profile, ensure that the Gateway for the Enterprise Data Center is already configured by the Enterprise Data Center Administrator and the Data Center VPN Tunnel is activated.