Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Add an SD-WAN On-Premises Spoke Site

 

The following illustration shows a simple SD-WAN topology.

Before you add an on-premise spoke site:

To add an on-premises spoke site for SD-WAN:

  1. From the Sites page (Resources > Site Management) of the CSO portal, click Add and select On-Premises Spoke Site.

    The Add Site wizard appears.

  2. Complete the settings as explained in Table 2.
  3. Click OK to add the site.

    When the site is successfully created, the Site Status in the Sites page changes to Provisioned.

    If you did not enter serial number while creating the on-premises spoke site, you must manually enter the serial number after adding the spoke site, in order to activate the site. See Add an On-Premises Spoke Site with SD-WAN Capability for more information.

    Table 2: SD-WAN On-Premises Spoke Site Settings

    Field

    Description

    General

    Site Name

    Enter a unique name for the site. You can use alphanumeric characters and hyphen (-); the maximum length is 32 characters.

    Site Capabilities

    Select SD-WAN.

    Primary Hub

    Select an enterprise hub site as the primary hub from the list of available hub sites. If there is only one hub site available, that one is selected by default.

    WAN

    Device Series

    Select the CPE device.

    Device Template

    Select a device template for the CPE device.

    Serial Number

    Enter the serial number of the CPE device.

    You can also add the on-premises spoke site but activate the site later. If you do not enter the serial number of the CPE device when creating the on-premises spoke site, you must enter it while activating the site, using the Activate Site link.

    See Add an On-Premises Spoke Site with SD-WAN Capability for more information.

    Auto Activate

    If the selected device template supports ZTP, Auto Activate is enabled. When Auto Activate is enabled, zero-touch provisioning of the device is automatically triggered when the site is added.

    The Activation Code field appears if the selected device template does not support ZTP or if you disable the Auto Activate option.

    In such cases, specify the activation code of the device to manually activate a device. For information about manually activating a device, see Activate a Device.

    Link Type

    Select whether the link is an MPLS link or Internet link.

    Access Type

    Select the access type for the underlay link:

    • If you’ve selected Internet as the link type, you can select Ethernet (default), LTE, ADSL, or VDSL as the access type.

    • If you’ve selected MPLS as the link type, you can select Ethernet (default) or LTE as the access type.

    You can select the LTE, ADSL, or VDSL access type only for one WAN link.

    Note:

    • You cannot configure LTE, ADSL, or VDSL as the access type if you are using the Dual SRX and Dual NFX device templates; Ethernet is configured as the access type for the underlay link.

    • SRX300 does not support LTE and ADSL access types.

    • On SRX300 line of Services Gateways (except SRX300 devices) and NFX150 devices, the LTE WAN link is supported through a SIM card that is inserted in the SIM slot of the Mini-Physical Interface Module (Mini-PIM). On NFX250 devices, the LTE WAN link is supported through a USB dongle (Vodafone K5160 dongle) that is plugged into the USB port of the CPE device.

    PPPoE/PPP

    Click the toggle button to enable authenticated address assignment for the WAN link by using PPPoE (Point-to-Point Protocol over Ethernet) or PPP (Point-to-Point Protocol). By default, this toggle button is disabled.

    PPPoE works with Ethernet, ADSL, and VDSL access types while PPP works with the LTE access type.

    Note: This toggle button is not available for Internet links with LTE as the access type.

    If you’ve enabled this toggle button, you must specify the PPPoE or PPP parameters (username, password, and authentication protocol) for the PPPoE or PPP server, respectively. The PPPoE or PPP server assigns an IP address to the WAN link after successful authentication.

    If you’ve disabled this toggle button, select a method (DHCP or STATIC) to assign an IP address to the WAN link from the Address Assignment list.

    Access Point Name (APN)

    If you choose to use a private APN with the current LTE service provider or to use a different LTE service provider, enter the APN for the CPE device (as specified by the service provider).

    This field is displayed only if you have enabled PPPoE/PPP for MPLS links with LTE as the access type. If you have disabled PPPoE/PPP for these links, CSO uses the default APN settings.

    Egress Bandwidth

    Specify the maximum bandwidth allocated for the WAN link.

    Note: This option is not available for Internet and MPLS links with LTE access type.

    Address Assignment

    Specify whether to use DHCP or Static addresses.

    If you select Static, specify a Static IP Prefix and Gateway IP Prefix.

    This field is displayed only if you have disabled the PPPoE/PPP toggle button.

    Service Provider

    Enter the name of the service provider.

    Cost per month

    Enter the per month cost of the link. This information is used to identify the least expensive link when link switch occurs.

    LAN Segment

    Add LAN Segment

    Click to add a LAN segment.

    Name

    Enter a unique name for the LAN segment.

    Gateway Address/Mask

    Enter a valid gateway IP address andmask for the LAN segment; for example, 192.0.2.8/24.

    Department

    Select a department from the list; if no department is available, click Create Department and add one.

    A department is a grouping of LAN segments within a site. You use departments to apply specific policies to LAN segments that are members of a department.

    CPE Port

    Select at least one CPE port.

After the site is provisioned, you can complete the following tasks as required:

  • Upload and install licenses. For example, Administration > Licenses.

  • Install signatures. For example, Administration > Signature Database.

  • Add, edit, and deploy an SD-WAN policy. For example, Configuration > SD-WAN Policy .

  • Create and generate reports. For example, Reports > Report Definitions > SD-WAN.

  • Monitor alerts and alarms, SLA performance of tenants, and jobs. For example, Monitor > Jobs.

For more information about these tasks, see the Contrail Service Orchestration user guide at https://www.juniper.net/ documentation/product/en_US/contrail-service-orchestration.