3- Onboarding Enterprise Hub
Enterprise Hubs Overview
https://www.juniper.net/documentation/en_US/cso5.0/topics/concept/cp-gateway-sites-overview.html
Enterprise Hub: An enterprise hub is an SD-WAN site that is used to carry site-to-site traffic between on-premise spoke sites and to break out backhaul (central breakout) traffic from on-premise spoke sites.
Provider Hub:
On-boarding E-Hub | 1- Onboard branch / Active Device [ + Stage 1 configuration ] onboard Enterprise-Hub RESOURCES >> Site Management >> Click: Add Enterprise Hub Name: Site Capability: SD-WAN Primary Provider Hub: None optional: Address and Timezone Page 2: WAN search fro the Device Template: jlk2_CSOaaS vSRX E-HUB Serial Number: WAN_0 (ge-0/0/0) Link type: internet [ default ] Static IP@ / GW: 10.3.0.2/24 // 10.3.0.1 Advanced Settings: provider: IPS1 [ default ] Local Breakout: Enable Use For Fullmesh: Mesh Overlay Link Type: GRE_IPSEC Mesh Tag: INTERNET Use for OAM traffic: Enable WAN_0 (ge-0/0/1) Link type: MPLS Static IP@ / GW: 10.3.1.2/24 // 10.3.1.1 Advanced Settings: provider: IPS2 Local Breakout: Enable Use For Fullmesh: Mesh Overlay Link Type: GRE_IPSEC Mesh Tag: MPLS Use for OAM traffic: Enable Page 3: LAN Add LAN Segment Name: LAN_A GW: 10.3.10.1/24 CPE Ports: LAN_0 ( ge-0/0/2) log onto the SRX ( Console port ) restart phone-home-client gracefully ( or restart the SRX or request system reboot ) show log phc.log |
Stage 2 2- Intent based security policy: Firewall Policy ( Site, Destination/App, Option/Action | |
Stage 2 3- SD-WAN Configuration: 2a- Define SLA Profile: mapping Class Vs throughput/Latency/packet Loss/Jitter/Delay 2b- SD-WAN Policy: Site, Application, SLA Profile | |
======================================= SRX300: + interface ge-0/0/0.0 family inet dhcp-client + password recovery ( juniper1 ) | |