Product Documentation

Basic Configuration Mode

Aug 09, 2017

The Basic configuration mode is introduced to allow network administrators to configure basic sites easily and quickly. Using WAN Link templates, you can configure certain settings and, save it as templates, and then apply these templates to other sites. This reduce repetitive tasks and allows configuring new sites with minimal clicks. 

The simplified basic configuration mode has two views Global and Site.  

Using the Global tab, you can: 

  • Set the global virtual WAN network encryption settings. 
  • Create multiple WAN Link Templates and map it to Service Providers.
  • Create WAN Link Template for MPLS links.
  • Configure the WAN Link speeds in Mbps or Kbps.
  • Set up MPLS Queues using % or kbps.

Using the Sites tab, you can:

  • Add Sites.
  • Enable site as intermediate node.
  • Enable dynamic virtual path.
  • Clone Sites.
Existing users can observe that one configuration change on the Basic mode view might modify or change more than one setting in Advance mode. Basic mode does allow Importing of existing configurations, and allows you to move between Basic and Advanced modes.

Global Virtual WAN Network Encryption

To set global virtual WAN network encryption settings:

In the SD-WAN web management interface, navigate to Configuration Editor > New > Basic. Click Global to change from the (default) Sites view to the Network view.

localized image

Under Global, click Virtual WAN Network Settings.

In the right pane, click the Network Settings edit icon.

localized image

Select the required network encryption options:

  • Network Encryption Mode – This is the encryption algorithm used for encrypted paths. Select one of the following from the drop-down menu: AES 128-Bit or AES 256-Bit.
  • Enable Encryption Key Rotation – When enabled, encryption keys are rotated at intervals of 10 to 15 minutes.
  • Enable Extended Packet Encryption Header – When enabled, a 16 byte encrypted counter is prepended to encrypted traffic to serve as an initialization vector, and randomize packet encryption.
  • Enable Extended Packet Authentication Trailer – When enabled, an authentication code is appended to the contents of the encrypted traffic to verify that the message is delivered unaltered.
  • Extended Packet Authentication Trailer Type – This is the type of trailer used to validate packet contents. Select one of the following from the drop-down menu: 32-Bit Checksum or SHA-256.

Click Apply.

WAN Link Template

To create WAN Link Templates and associate it to Service Provider:

In the SD-WAN web management interface, navigate to Configuration Editor > New > Basic. Click Global to change from the (default) Sites view to the Network view.

localized image

Click + Service Provider.

Select and click the default name to rename the service provider.

Click + on the right pane to create a WAN link template.

localized image

In the WAN Link Templates window, enter a name for the WAN link template.

localized image

In the Link Type field, select the link type. Either Internet or MPLS.

In the Rate unit field, select a unit for the WAN link speed. Either Kbps or Mbps.

Specify the physical rate for LAN to WAN and WAN to LAN.

Tip

Select Auto Learn, to automatically detect the permitted rate.

For MPLS links, create an MPLS Queue. Click + and enter values for the  following parameters:

  • DSCP tag - Service Provider’s DSCP tag setting for the queue.
  • LAN to WAN Permitted Rate - The amount of bandwidth that SD-WAN devices are permitted to use for upload, which cannot exceed the defined physical upload rate of the WAN Link. 
  • WAN to LAN Permitted Rate - The amount of bandwidth that SD-WAN devices are permitted to use for download, which cannot exceed the defined physical download rate of the WAN Link. 
localized image

Tip

You can set the unit for permitted rates of the MPLS queue to % or Kbps.

Click Apply. Continue to add more WAN link templates for the service provider, if required.

You can view a summary of the template details in the left pane. The Link type is displayed as broadband in the summary, if you selected internet link type. 

localized image

Site Cloning

The Basic > Sites view simplifies the configuration process by enabling you to create a configuration file that generates a virtual path between the defined sites. The required configuration properties for a virtual path between sites include:

  • Appliance
  • Interface
  • WAN Links
  • Static Routes
For information on adding and configuring an MCN site, see Setting up the Master Control Node (MCN) Site.
 
For information on adding and configuring a Branch site, see Adding and Configuring the Branch Sites.
 
You can now easily duplicate by using the clone option. This simplifies the process of creating multiple similar sites.
 

Note

A site configured as a primary or secondary MCN cannot be cloned.

To clone a site:

In the SD-WAN web management interface, navigate to Configuration Editor > Basic. Click Sites.

Select a site other than primary or secondary MCN and click the clone icon.

localized image

In the Clone Site window, review the fields and change the values for the fields for which the input values must be different from the site being cloned. 

localized image

Click Clone. The cloned site appears in the list of sites.