• In enterprise WAN environments, not every network segment should have unrestricted access to every other segment. However, many isolated segments still need access to a small set of shared services, such as DNS, Active Directory, RADIUS, monitoring systems, or internal application platforms. Our Scenario: Your goal is: For a shared services VPN: We should make…

  • In modern enterprise WANs, not all traffic should go directly from a branch to the internet or to internal applications without inspection. Even in an SD-WAN architecture, organizations often need to enforce security perimeters by steering selected traffic through centralized security services such as firewalls, IDS/IPS, secure web gateways, or traffic inspection platforms. Cisco SD-WAN…

  • In this lab, I demonstrate how TLOC Extension works in Cisco SD-WAN using a simple branch topology. At Site3, I have two WAN Edge routers: By default, each WAN Edge can only use its own transport interface. However, in many real-world deployments, we want both routers to share available transports. TLOC Extension allows a WAN Edge…

  • Cisco SD-WAN is often discussed from the perspective of routing, transport selection, and centralized management. However, one of its major strengths is the ability to integrate networking and security into a unified WAN architecture. In many enterprise environments, WAN edge routers are not only responsible for transporting traffic, but also for enforcing security policies at branch…

  • In this lab, I am using the Cisco SD-WAN Sandbox environment to demonstrate how TLOC Preference can be used for traffic engineering. In many enterprise WAN environments, a site has multiple WAN transports, such as: Although Cisco SD-WAN can dynamically build tunnels across all available transports, we may want to prefer one path over another…