More than one HQ in SDWAN BBC

Dwi Nur Lv2Posted 01 Dec 2023 12:33

Hi everyone,

In BBC SDWAN, is it possible when we need to add more than one HQ device in the SDWAN VPN topology?
assume we have DC and HQ sites, which all branches need to reach.

ArsalanAli has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Re posting My answer because attachments are not visible

Just like you make 1st HQ, do the same configuration on backup HQ,
I am also sharing the configurations steps , also pictures attached

Note: Do these steps on both HQ
1 Select the WAN interface
2 In Basic setting select Wan Lines and VPN subnets
3 In Local Users , Add VPN users , also the second HQ
4 VPN connection Add the user name second HQ  
Primary IP and SecondaryIP is your Primary and Secondary IP (do not insert 2nd HQ IP)

Also sharing the PDF

1.png (17.66 KB, Downloads: 637)

1

1

2.png (30.08 KB, Downloads: 642)

2

2

3.png (34.69 KB, Downloads: 639)

3

3

4.png (37.4 KB, Downloads: 632)

4

4

5.png (40.31 KB, Downloads: 643)

5

5

SANGFOR_VPN.pdf

382.54 KB, Downloads: 635

PDF

Is this answer helpful?
LucyHeart Lv3Posted 10 Dec 2023 17:11
  
1 Select the WAN interface
2 In Basic setting select Wan Lines and VPN subnets
3 In Local Users , Add VPN users , also the second HQ
4 VPN connection Add the user name second HQ  
Donsadam Posted 10 Dec 2023 17:11
  
Every branch must be set up to link to several headquarters locations.
- set up dynamic routing protocols to choose the best route for traffic according to current circumstances.
Verify that redundancy and failover are in place to prevent network interruptions or outages.
babeshuka Lv3Posted 10 Dec 2023 17:10
  
You may build a robust and adaptable network architecture that satisfies the branch offices' connectivity needs to several headquarters or data centers by setting up the SDWAN VPN topology to accommodate numerous HQ devices.
RegiBoy Lv5Posted 10 Dec 2023 17:09
  
Set up VPN tunnels between the branch SDWAN devices and every HQ device. This entails specifying the encryption parameters, routing details, and VPN policies for every tunnel.
Make sure that the right routing rules are in place to route traffic from the branch locations to the appropriate headquarters devices in accordance with the intended destination. Setting up load balancing or route priority among the many HQ devices may be necessary for this.
noime Lv3Posted 10 Dec 2023 17:08
  
Usually, you would configure the branch sites to create VPN tunnels to each of the HQ devices when setting up the SDWAN VPN architecture with multiple HQ devices. The branches can now access services and resources located at various data centers or headquarters thanks to this.
MTR Lv2Posted 08 Dec 2023 17:59
  
In BBC SDWAN, it is indeed possible to add more than one HQ (Headquarters) device in the SDWAN VPN topology. This is a common requirement in scenarios where multiple headquarters or data centers need to be interconnected, and all branch offices need to reach these locations.

When setting up the SDWAN VPN topology with multiple HQ devices, you would typically configure the branch sites to establish VPN tunnels to each of the HQ devices. This enables the branches to access resources and services hosted at multiple headquarters or data centers.

The specific steps to configure multiple HQ devices in the SDWAN VPN topology may vary depending on the SDWAN solution and the BBC SDWAN platform you are using. However, in general, the process involves:

Configuration of VPN Tunnels: Configure the branch SDWAN devices to establish VPN tunnels to each of the HQ devices. This includes defining the VPN policies, encryption settings, and routing information for each tunnel.

Routing Considerations: Ensure that appropriate routing policies are in place to direct traffic from the branch sites to the correct HQ devices based on the intended destination. This may involve setting up route prioritization or load balancing across the multiple HQ devices.

Security Policies: Implement consistent security policies across the VPN tunnels to maintain a secure connection between the branch sites and the multiple HQ devices.

By configuring the SDWAN VPN topology to support multiple HQ devices, you can create a resilient and flexible network infrastructure that meets the connectivity requirements of the branch offices to multiple headquarters or data centers.
Tayyab0101 Lv2Posted 06 Dec 2023 17:47
  
yes it is quite possible.
jerome_itable Lv3Posted 06 Dec 2023 08:39
  
Yes, Sangfor BBC SDWAN allows you to add more than one HQ device in the SDWAN VPN topology. This can be useful for a variety of reasons, such as:

    Load balancing: Distributing traffic across multiple HQ devices can improve performance and availability for your branches.
    Redundancy: If one HQ device goes down, the others can take over and keep your branches connected.
    Geographic diversity: You can place HQ devices in different locations to improve latency and resiliency for branches in those regions.

There are two main ways to add more than one HQ device to your Sangfor BBC SDWAN topology:

    Full mesh: In this configuration, each branch device has a VPN tunnel to every HQ device. This provides the best possible redundancy and load balancing, but it can also be the most complex and expensive to set up.
    Hub-and-spoke: In this configuration, all branch devices tunnel to a central hub device, which then tunnels to each of the HQ devices. This is a simpler and more cost-effective way to add redundancy, but it can create a single point of failure if the hub device goes down.

The best way to configure your Sangfor BBC SDWAN topology will depend on your specific needs and requirements. If you're not sure which option is right for you, I recommend talking to a Sangfor sales engineer.

Here are some additional things to keep in mind when adding more than one HQ device to your Sangfor BBC SDWAN topology:

    You will need to have enough VPN licenses to cover all of your devices.
    You will need to configure the routing and security policies for your HQ devices.
    You may need to upgrade your hardware or software to support the additional devices.
Imran Tahir Lv4Posted 06 Dec 2023 00:16
  
Yes it is possible Di the same on backup

I Can Help:

Change

Moderator on This Board

1
1
0

Started Topics

Followers

Follow

Trending Topics

Board Leaders