After configuring a Non SD-WAN Destination via Edge in SASE Orchestrator, you have to associate the Non SD-WAN Destination to the desired Profile in order to establish the tunnels between SD-WAN Gateways and the Non SD-WAN Destination.

To establish a VPN connection between a Branch and a Non SD-WAN Destination configured via Edge, perform the following steps:
  1. In the SD-WAN service of the Enterprise portal, go to Configure > Profiles > Device tab.
  2. Go to VPN Services area and activate Cloud VPN by turning the toggle button to On.
  3. To establish a VPN connection directly from an SD-WAN Edge to a Non SD-WAN Destination (VPN gateway of Cloud provider such as Azure, AWS), select the Enable Non SD-WAN via Edge check box under Non SD-WAN Destinations via Edge section.
  4. From the configured Services drop-down menu, select a Non SD-WAN Destination to establish VPN connection.
  5. Click the Add button to add additional Non SD-WAN Destinations.
    Note: Only one Non SD-WAN Destinations via Edge service is allowed to be activated in at most one Segment. Two Segments cannot have the same Non SD-WAN Destinations via Edge service activated.
    For more information about configuring a Non SD-WAN Destination Network Service through Edge, see Configure Non SD-WAN Destinations via Edge.
  6. To deactivate a particular service, deselect the respective Enable Service check box.
  7. Click Save Changes.
    Note: Before associating a Non SD-WAN Destination to a Profile, ensure that the Gateway for the Enterprise Data Center is already configured by the Enterprise Data Center Administrator and the Data Center VPN Tunnel is activated.