Enterprise Hubs Overview
https://www.juniper.net/documentation/en_US/cso5.0/topics/concept/cp-gateway-sites-overview.html
Enterprise Hub: An enterprise hub is an SD-WAN site that is used to carry site-to-site traffic between on-premise spoke sites and to break out backhaul (central breakout) traffic from on-premise spoke sites.
Provider Hub:
|
|
---|
On-boarding E-Hub |
1- Onboard branch / Active Device [ + Stage 1 configuration ]
Code Block |
---|
title | onboard Enterprise-Hub |
---|
| RESOURCES >> Site Management >> Click: Add Enterprise Hub
Name:
Site Capability: SD-WAN
Primary Provider Hub: None
optional: Address and Timezone
Page 2: WAN
search fro the Device Template: jlk2_CSOaaS vSRX E-HUB
Serial Number:
WAN_0 (ge-0/0/0)
Link type: internet [ default ]
Static IP@ / GW: 10.3.0.2/24 // 10.3.0.1
Advanced Settings:
provider: IPS1 [ default ]
Local Breakout: Enable
Use For Fullmesh:
Mesh Overlay Link Type: GRE_IPSEC
Mesh Tag: INTERNET
Use for OAM traffic: Enable
WAN_0 (ge-0/0/1)
Link type: MPLS
Static IP@ / GW: 10.3.1.2/24 // 10.3.1.1
Advanced Settings:
provider: IPS2
Local Breakout: Enable
Use For Fullmesh:
Mesh Overlay Link Type: GRE_IPSEC
Mesh Tag: MPLS
Use for OAM traffic: Enable
Page 3: LAN
Add LAN Segment
Name: LAN_A
GW: 10.3.10.1/24
CPE Ports: LAN_0 ( ge-0/0/2)
log onto the SRX ( Console port )
restart phone-home-client immediately
( or restart the node or system reboot )
show log message | match phone
|
|
|
Code Block |
---|
|
2- Intent based security policy: Firewall Policy ( Site, Destination/App, Option/Action
|
|
|
Code Block |
---|
| 3- SD-WAN Configuration:
2a- Define SLA Profile: mapping Class Vs throughput/Latency/packet Loss/Jitter/Delay
2b- SD-WAN Policy: Site, Application, SLA Profile
|
|
|
|
| =======================================
SRX300: + interface ge-0/0/0.0 family inet dhcp-client
+ password recovery ( juniper1 ) |
|
|
...