SD-WAN Strict Hub & Spoke Policy
Task: Configure the Control policy in such a way that limits TLOC & Routes from vSmart to DC vEdge-001 Hub sites only.
Deactivate the Lab 5 Policy and verify that each branch is able to send its routes and TLOC to each other and verify the connectivity
Go back to the Policies in vManage | Add Policy from the top left corner or mid window if there are no Policies.
Create the Site List name dc-hubs with Site id 600 and VPN-List with VPN id 1.
Click Next and move to Configure Topology and VPN membership
Click Add Topology and select Hub and Spoke and provide the following details mentioned in below figure
Click Save Hub-and-Spoke Policy.
Now you will reach to Apply Policy to Sites and VPN
Provide policy name and Preview and Copy CLI configuration in notepad and save the policy.
Now Click on Configuration | policy | Centralized Policy | Select Policy | Activate
Here you may find error that may say that vSmart is not managed by vManage, then in order to make this policy work, use the CLI configuration, which you copied in above steps and configure in vSmart as given below:
Now go to vEdge-004 and verify Sh ip routes command, here you will see that only vEdge-001 routes are present and only TLOC routes are present