Help Center User GuideGetting StartedFAQ
 
X
User Guide
Getting Started
FAQ
Contents  

Configuring Dynamic VPN Tunnels Thresholds for all Sites in a Tenant

CSO dynamically creates or deletes a VPN tunnel (that does not pass through a gateway site or hub) between two spoke sites, if the following conditions are met:

  • The number of sessions closed between two spoke sites crosses the threshold value.

  • The WAN links of the spoke sites have matching mesh tags.

For more information on dynamic VPN tunnels, see Dynamic VPN Tunnels Overview.

Note The Dynamic VPN page appears only for tenants with real-time optimized SD-WAN mode.

Procedure

To modify threshold values at the tenant-level:

  1. Select Administration > Dynamic VPN.

    The Dynamic VPN page appears.

  2. Complete the configuration according to the guidelines Table 213.

    Note  Fields marked with * are mandatory.

  3. Click Save to save the changes.

    A confirmation message appears indicating that the threshold values are saved and you are returned to the Dynamic VPN page.

    The threshold values that you specify are immediately applicable for all sites (including gateway sites or enterprise hubs) in the tenant.

    Note You can also modify the threshold values while adding a spoke site or a enterprise hub site. The threshold value that you specify on the Add Site page (On-premise or gateway site) overrides the threshold value that you specified on the Dynamic VPN page of the Customer Portal.

Table 213: Fields on the Dynamic VPN page

Field

Description

Threshold

Select this check box to customize the dynamic VPN threshold value that will override threshold value specified at the global level (for all tenants).

Threshold for Creating a Tunnel

Sessions Closed

Specify the number of sessions closed (for a duration of 2 minutes) between two spoke sites.

If the number of sessions closed (for a duration of 2 minutes) is greater than or equal to the value that you specified, a dynamic VPN tunnel is created between two spoke sites.

The default threshold value (the number of sessions closed for 2 minutes) is 5.

For example, if you specify the number of sessions closed as 10, dynamic VPN tunnels are created if the number of sessions closed between two spoke sites in 2 minutes is greater than or equal to 10.

Threshold for Deleting a Tunnel

Sessions Closed

Specify the number of sessions closed (for a duration of 15 minutes) between two spoke sites.

If the number of sessions closed (for a duration of 15 minutes) is lesser than or equal to the value that you specified, a dynamic VPN tunnel is deleted between two spoke sites.

The default threshold value (the number of sessions for 15 minutes) is 2.

For example, if you specify the number of sessions closed as 10, dynamic VPN tunnels are deleted if the number of sessions closed between two spoke sites in 15 minutes is less than or equal to 10.

Related Documentation

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit