Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Enterprise Hubs Overview

https://www.juniper.net/documentation/en_US/cso5.0/topics/concept/cp-gateway-sites-overview.html


Enterprise Hub:    An enterprise hub is an SD-WAN site that is used to carry site-to-site traffic between on-premise spoke sites and to break out backhaul (central breakout) traffic from on-premise spoke sites.

Provider Hub:

...



...



On-boarding E-Hub


1-

...

Onboard

...

branch

...

/

...

Active

...

Device

...

[

...

+

...

Stage

...

1

...

configuration

...

]


Code Block
titleonboard Enterprise-Hub
	RESOURCES >> Site Management >> Click: Add Enterprise Hub
		Name:
		Site Capability:  SD-WAN
		Primary Provider Hub: None
		optional:  Address and Timezone
	Page 2: WAN
		search fro the Device Template: jlk2_CSOaaS vSRX E-HUB
		Serial Number: 
		WAN_0 (ge-0/0/0) 
			Link type: internet [ default ]
			Static IP@ / GW:  10.3.0.2/24 // 10.3.0.1
			

...

	Advanced Settings:
					provider: IPS1 [ default ]
					Local Breakout: Enable
					Use For Fullmesh: 
						Mesh Overlay Link Type: GRE_IPSEC 
						Mesh Tag: INTERNET
					Use for OAM traffic: Enable

		WAN_0 (ge-0/0/1) 
			Link type: MPLS
			Static IP@ / GW:  10.3.1.2/24 // 10.3.1.1
				Advanced Settings:
					provider: IPS2
					Local Breakout: Enable
					Use For Fullmesh: 
						Mesh Overlay Link Type: GRE_IPSEC 
						Mesh Tag: MPLS		
					Use for OAM traffic: Enable
	Page 3: LAN
		Add LAN Segment
			Name: LAN_A
			GW: 10.3.10.1/24
			CPE Ports: LAN_0 ( ge-0/0/2)



log onto the SRX ( Console port )

restart phone-home-client gracefully

( or restart the SRX or request system reboot )

show log phc.log




Code Block
titleStage 2
2- Intent based security policy: Firewall Policy ( Site, Destination/App, Option/Action







Code Block
titleStage 2
3- SD-WAN Configuration:
      2a- Define SLA Profile: mapping Class  Vs throughput/Latency/packet Loss/Jitter/Delay
      2b- SD-WAN Policy: Site, Application, SLA Profile








=======================================

...



SRX300:

...


+

...

interface

...

ge-0/0/0.0

...

family

...

inet

...

dhcp-client

...



+

...

password

...

recovery

...

(

...

juniper1

...

)

...