A network administrator is bringing up one WAN Edge router for branch connectivity. Which types of tunnels form when the WAN edge router connects to the
Cisco SD-WAN fabric?
A network administrator is bringing up one WAN Edge router for branch connectivity. Which types of tunnels form when the WAN edge router connects to the
Cisco SD-WAN fabric?
When a WAN edge router connects to the Cisco SD-WAN fabric, it establishes a DTLS or TLS tunnel with the vSmart controller to ensure secure and reliable control plane connections. Additionally, the WAN edge router forms IPsec tunnels with other WAN edge routers to secure the data plane traffic passing between the branches. Hence, DTLS or TLS tunnels are used for control plane communication with controllers like vSmart, while IPsec tunnels are used for data plane communication among WAN edge routers.
D is the correct answer. 1. VBOND will make only DTLS connection, TLS connection will not happen between vBond and vEdge. 2. vBond connection is temporary 3. vEdges will make IPSec tunnels over data plane
vBond will only make a DTLS connection.
I believe this is correct a well.
Correct. https://sdwan-docs.cisco.com/Product_Documentation/Software_Features/SD-WAN_Release_16.3/05Security/01Security_Overview
Technically C is also correct, but the DTLS tunnel to the vBond is torn down after the Edge receives the vManage & vSmart IP's. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/cisco-sd-wan-overlay-network-bringup.html
Have to correct myself. The vBond is locked to DTLS only so C is NOT correct.
C is the correct answer, the minimal config on the Edge device contains the vBond IP or DNS name, so first comms would be to the vBond through TLS/DTLS tunnel connection. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/cisco-sd-wan-overlay-network-bringup.html
Correct answer is D. vBond do not utilise TLS but DTLS.
dear Team what is the solution to this Q An MPLS connection on R2 must extend to R1 Users behind R1 must have dual connectivity for data traffic Which configuration provides R1 control connectivity over the MPLS connection?
I go with D.