Manual Secure Peering initiated from PE appliance at DC site and Branch PE appliance 编辑
This deployment configures DC site PE appliance in LISTEN ON mode and Branch site PE appliance in CONNECT TO mode.
- PE DC appliance is in LISTEN ON mode (on port 443).
- Branch PE appliance is in CONNECT-TO mode.
- LISTEN-ON IP for PE is in the interface IP associated to the routing domain for which “Redirect to WANOP” is enabled.
- Manually upload CA and Cert Key pair certificates obtained from authentic source of certificate authority.
Configuration
To configure auto secure peering initiated from an PE appliance at DC site and PE appliance at branch site:
Upload CA Certificate and CA Key Certificate obtained from authentic certificate and provide to SD-WAN as shown below.
On a new PE appliance at the DC site, in the SD-WAN web GUI, go to Configuration > Secure Acceleration > Secure Peering.
Configure keystore by providing the keystore password or by disabling the keystore.
Enable secure peering by selecting CA Certificate radio button and providing uploaded CA and CA Key pair certificates appropriately as shown below.
Provide Remote machine’s Virtual IP along with Port 443 as shown below.
Monitoring
To validate if the Private CA and Private Certificate Key pair is generated successfully, review the information below.
On partner appliance, View Secure Partner Information on the Premium (Enterprise) Edition appliance under Monitoring > Partners > Secure Partners page.
Troubleshooting
View Secure Partner Success / Failure Information on the Premium (Enterprise) Edition Appliance under Monitoring > WAN Optimization > Partners > Secure Partners page. 
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论