Cloud Managed Networks

Hi all, 

I'm setting up a lab for Microbranch and VPNC. I have both devices in Central, both assigned to their respective groups and online. Completed the following tasks:

• Created the DHCP Pool at Global
• Created manual cluster in VPNC group with manual override, enabled VPN termination & defined Public IP
• Created a WAN Uplink in Microbranch group with INET type
• Created a WLAN in the Microbranch group with a CL2 type, selected the VPNC cluster I defined

However, I'm not seeing any attempts to hit the Public IP at our firewall. I feel like I must be missing a step to have the Microbranch AP attempt to build the IPSEC tunnel on UDP4500, but I'm just not seeing it. Any advice or recommendations to try? 

Thank you!

------------------------------
Michael Haring
------------------------------

I worked with support and was able to get the tunnel established. For anyone else struggling with this setup, here is what I needed: 

Global Group

• Under Network Services, define System IP Pool

VPNC Group

• Under High Availability, configure cluster
• Under VPN, set SD-WAN Overlay mode to Orchestrated
• Enable Orchestrator Peering

VPNC Device

• Under WAN, define Uplink with public and private IPs

Microbranch Group

• Under System -> IP Addressing, assign System IP Pool
• Under WAN -> WAN Uplink, configure WAN Uplink
• Under Tunnel & Routing -> Data Center, define Hub group
• Under Tunnels & Routing -> Policy-based Routing, create policy for tunnel/split-tunnel
• Under Wireless -> WLAN, create a WLAN
• Under Security -> Policies & Access Control, select the User Role and add the PBR rule

Verify by logging into console of Microbranch AP or running the following command: show ata endpoint

------------------------------
Michael Haring
Technology enthusiast, Wi-Fi artist
------------------------------