Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

SD WAN Using Numbered VPN Tunnel Interfaces

marco_crisanto02marco_crisanto02 Newbie ✭
in Mid Range Firewalls

Hi Guys,

I just want to know your opinion, why in this video that the Office 365 and SalesForce traffic(Saas) from Branch are still routed/back hauled going to Head office using a VPN Tunnel interfaces? What are the significance of this setup?? Please see the attached url of video and the diagram below.

Thanks!


Regards,

Marco

https://www.youtube.com/watch?v=0UU9SmfUn3E&t=15s

Tunnel Interface VPN.JPG


Category: Mid Range Firewalls
Reply

Answers

  • shiprasahu93shiprasahu93 Moderator

    Hello @marco_crisanto02,

    Welcome to SonicWall community.

    With SD-WAN using numbered tunnel interface, it will be useful to set up the Office 365 and SalesForce traffic(Saas) back to the central office if all internet traffic from the branch office is being routed through the central office and the branch office connects to the central office using multiple VPN tunnels.

    Otherwise, it is better to just directly create a SD WAN group of the WAN interfaces and use them in the SD WAN Route instead.

    Again, I think the video is just to give an example that both application signature based or port based routes can be used for SD WAN routing.

    Let me know if you have any further questions.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • marco_crisanto02marco_crisanto02 Newbie ✭
    edited June 2020

    Hi @shiprasahu93

    What are the "advantages" if the Office 365 and SalesForce traffic(Saas) back to the Central office if all internet traffic from the Branch office is being routed through the central office??

    Why not route the Office 365 and SalesForce traffic(Saas) directly to the Internet of the Branch instead of routing the traffic going to Central office using VPN Tunnel Interface??

  • shiprasahu93shiprasahu93 Moderator

    @marco_crisanto02,

    I agree that you can directly route Office 365 and SalesForce traffic(Saas) directly to the Internet of the Branch as well using WAN interfaces in the SD WAN Group.

    This is only useful in scenarios where all internal traffic is sent from the branch office to central office and then routed to internet. There are very less number of deployments that use this, but again as I mentioned earlier the example is to show that both port based as well as signature based SD WAN routing can be performed with numbered tunnel interfaces.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Sign In or Register to comment.