An on-premise spoke represents an endpoint that is part of customer premise equipment (CPE) at some physical location such as branch office or point of sale location. Typically, these points are connected using overlay connections to hub sites. You create an on-premise spoke site from the Sites page.
You can also add an SD-WAN on-premise site using dual CPE devices. The workflow to add a site with dual CPE devices is similar to the single CPE device. When you create a site, select the appropriate connection plan, which supports the dual CPE solution. The device templates that support the dual CPE device solution are as follows:
After you select the connection plan, enable the required WAN links (MPLS or Internet). These WAN links are distributed across two NFX250, SRX300 line of devices, or SRX550 devices.
Note: You must enable at least one WAN link per CPE device.
To create an on-premise spoke site:
The Add Site for Tenant page appears.
Table 157: Fields on the Add On-Premise Spoke Site Page
Field | Description |
|---|---|
| General | |
Site Name | Enter a site name for the tenant. You can use alphanumeric characters and hyphen (-). The maximum length is 15 characters. |
Site Type | Displays the site type. This field cannot be modified. |
Tenant Topology | Displays the topology of the tenant that was selected while creating the tenant. This field cannot be modified. |
Site Group | Select a site group to which you want to assign the site. |
Street Address | Enter the street address of the site. |
City | Enter the name of the city where the site is located. |
State/Province | Select the state or province where the site is located. |
ZIP/Postal Code | Enter the postal code for the site. |
Country | Select the country where the site is located. Click the Validate button to verify the address. The site address verification successful message is displayed if the address is correct. You can click the View location on a map link to see the address location. If you enter the wrong address and click the Validate button to verify the address, the Site address could not be validated message is displayed . |
Contact Name | Enter the name of the contact person at the site. |
Enter the e-mail address of the contact person at the site. | |
Phone | Enter the phone number for the site. |
| Connectivity Requirements | |
Connectivity Requirements for the Selected Plan | Click a connection plan to select the plan for WAN connectivity. A connection plan contains information prepopulated from the device template, and includes the device information, a list of SD-WAN features supported, and the number of links supported. |
WAN Underlay Links | |
WAN_0 WAN_1 WAN_2 WAN_3 | Displays the WAN link. Depending on the connection plan selected, you can configure up to four WAN links per site that support SD-WAN. You can configure these links as MPLS or Internet links. |
Enable WAN_0 Enable WAN_1 Enable WAN_2 Enable WAN_3 | Select this check box to enable the WAN link. |
Name | Displays the name of the WAN link. |
Type | Select the connection type of the WAN link—MPLS or Internet. |
Access Type | Select the access type for WAN connectivity.
Note:
Note: |
Subscribed Bandwidth | Enter the maximum bandwidth to be allowed for a specific WAN link. The range is 1 through 999999999. Note: If the access type for the WAN link is LTE, then you cannot configure the bandwidth. Note: LTE is not supported when you create an SD-WAN on-premise site with dual CPE devices. |
Provider | Enter the name of the Internet Service Provider (ISP). |
Cost/Month | Enter the cost per month of the subscribed bandwidth in the specified currency. The range is 1 through 999999999. |
WAN Link (Primary or Secondary) | Displays whether it is a primary device WAN link or secondary device WAN link. This field cannot be modified and it is displayed only when you select a SRX or NFX dual CPE connection plan. |
| Additional Requirements Based on the connectivity requirement, the following fields are populated: | |
Site Type | Displays the site type. This field cannot be modified. |
Default Link | Select the default links that must be used for routing traffic. The site can have multiple default links to the hub site as well as to the Internet. Default links are used primarily for overlay traffic but can be used for local breakout traffic as well. A default link cannot be used exclusively for local breakout traffic. The default link is optional and in case it is not chosen, all links are used through equal-cost multipath (ECMP). |
Backup Link | Select a backup link through which traffic can be routed when the primary links are unavailable. In the hub-and-spoke topology, if an LTE link is available, the LTE link is by default selected as the backup link. You cannot change the default selection. If no LTE link is assigned, you can select any of the links other than the default links. Note that you cannot assign the backup link for exclusive breakout traffic (the Use only for breakout traffic option). If local breakout is enabled for the site, the breakout traffic is also routed through the backup link when the breakout link is not available. When a primary link comes back online, CSO monitors the performance on the primary link and when the primary link meets the SLA requirements, the traffic is switched back to the primary link. However, note that the SLA data is not monitored for the backup link. Note: LTE is not supported when you create an SD-WAN on-premise site with dual CPE devices. |
Enable Local Breakout | Click the toggle button to enable local breakout on the site. If you specify LTE as the access type for a WAN link, by default, the WAN link is selected as the local breakout link. Note: LTE is not supported when you create an SD-WAN on-premise site with dual CPE devices. |
Links for Breakout | Select the WAN links on which you want to enable local breakout. You can also choose to use each WAN link exclusively for local breakout traffic or for both local breakout and WAN traffic. You cannot select previously selected default WAN links to be used exclusively for local breakout traffic. |
Preferred Breakout Link | Select the preferred link for local breakout. If no link is selected, then the breakout link is chosen using ECMP from the available links. If you select LTE as the access type for a WAN link, by default, the WAN link is selected as the local breakout link. Note: LTE is not supported when you create an SD-WAN on-premise site with dual CPE devices. |
Enable Hub Multihoming | Select this option to enable multihoming on the site. Multihoming is the ability of a spoke site to connect to multiple hub sites, thereby providing redundancy. To enable multihoming on a site, you must select the hub-and-spoke topology when you create the tenant. |
Device Redundancy | Displays the device redundancy mode. This field cannot be modified.
|
| Add LAN Segment Note: You must add at least one LAN segment. | |
Name | Enter a unique string of alphanumeric characters and special characters (. -). No spaces are allowed and the maximum length is 15 characters. |
Port | Select a port number from the list. Depending on the device configured in the connection plan, you can specify up to two port numbers. |
VLAN ID | Enter the VLAN ID that is associated with the MPLS data link in the range 1 through 4094. |
Department | Select a department to which the LAN segment is to be assigned. Click Create Department to create a new department and assign the LAN segment to it. You group LAN segments as departments for ease of management and for applying policies at the department-level. |
DHCP | Enable or disable DHCP. Enable DHCP to assign IP addresses by using a DHCP sever. Disable DHCP to assign static IP addresses. By default, DHCP is disabled. |
IP Address Prefix | Enter one or more IPv4 prefixes for the site management network. |
Subnet | Enter the subnet mask of the DHCP IP address pool. |
Address Range Low | Enter the starting IP address in the range of IP addresses that can be allocated by the DHCP server to the LAN segment. |
Address Range High | Enter the ending IP address in the range of IP addresses that can be allocated by the DHCP server to the LAN segment. |
Maximum Lease Time | Specify the maximum duration of time (in seconds) for which a client can request for and hold a lease on a DHCP server. You can enter a value in the range 0 through 4,294,967,295 seconds. |
Name Server | Enter the IPv4 address of the DNS server. DNS servers are used for resolving host names to IP addresses. |
The newly created site is displayed on the Sites page.