You can insert the security VNF into both the VLAN as well as routed interface.

Prerequisites

Ensure that you have created a security VNF and configured the settings. See Configure Security VNF without High Availability and Configure Security VNF with High Availability.

Map the segments with service VLANs to enable VNF insertion into the VLANs. See Define Mapping Segments with Service VLANs.

Procedure

  1. In the SD-WAN Service of the Enterprise portal, click Configure > Edges.
  2. In the Edges page, click either the link to an Edge you want to configure or click the View link in the Device column of the Edge. The configuration options for the selected Edge are displayed in the Device tab.
  3. In the Device tab, under Connectivity, expand the VLAN section.
  4. Select the VLAN to which you want to insert the VNF and click the link under the VLAN column.
  5. In the Edit VLAN window, select the VNF Insertion check box to insert the VNF into VLAN. This option redirects traffic from a specific VLAN to the VNF.
  6. Click Done.

Results

The VLAN section displays the status of the VNF insertion.

You can also insert the VNF into Layer 3 interfaces or sub-interfaces. This insertion redirects traffic from the Layer 3 interfaces or subinterfaces to the VNF.

If you choose to use the routed interface, ensure that the trusted source is checked and WAN overlay is turned off on that interface. For more information, see Configure Interface Settings for Edges.