Configurations
Configuration of the SD-WAN Edge ABCD-Edge1
Under Configure –> Network Services, define the two Non SD-WAN Destinations via Edge. Please note in this POST, it is Generic IKEv2 (not IKEv1).
Figure 4 shows in order to enable the IPSec from the ABCD-VCE1, under “Cloud VPN –> Branch to Non SD-WAN Destination via Edge”, create the two corresponding tunnels by selecting “IPSec1” and “IPSec2” created previously. If you wonder where to put the pre-shared key, it is at the window by clicking either “Add” or “Edit” under the action column.
At this point, the IPSec configurations are completed. The next configuration we have to perform is the BGP over IPSec, check Figure 6 below:
The area I would like to highlight are, firstly, for BGP over IPSec, the neighbors are created under “NSD Neighbors” instead of the normal “Neighbors”. Secondly, the tunnel IP address 169.254.80.2 and 169.254.80.6 are configured under the option called “Local IP” of “Additional Options”. The other fields of the GUI I believe they are self-explanatory.