SD-WAN
(→Networks) |
(→Cross-Platform clients) |
||
| (8 intermediate revisions by one user not shown) | |||
| Line 4: | Line 4: | ||
* Network virtualization: setup SD-WAN subnets and join multiple devices/networks together. | * Network virtualization: setup SD-WAN subnets and join multiple devices/networks together. | ||
* End-to-End encryption | * End-to-End encryption | ||
| − | * | + | * Set up a VPN without needing a static public IP address. |
== Server Settings == | == Server Settings == | ||
| Line 14: | Line 14: | ||
=== Networks === | === Networks === | ||
| − | + | Click "New network" to create a new sdwan subnet. | |
| − | [[File: | + | [[File:sdwan_network01.png|450px]] |
| − | [[File:sdwan_network03.png| | + | * Net ID: SD-WAN network id |
| + | * Net Name: network description | ||
| + | * Start/End IP: DHCP IP address range | ||
| + | |||
| + | [[File:sdwan_network02.png|450px]] | ||
| + | |||
| + | To join multiple networks together, you need to setup routing policies. As shown below, network "192.168.1.0/24" can be reached via "10.200.188.1", while network "192.168.2.0/24" can be reached via "10.200.188.2". So these two networks are reachable from each side. | ||
| + | |||
| + | [[File:sdwan_network03.png|450px]] | ||
== Client Settings == | == Client Settings == | ||
| + | |||
| + | In WFilter NGF, you can join SD-WAN networks in the "VPN"->"SD-WAN" module. | ||
| + | * SD-WAN secret: SD-WAN client id | ||
| + | * Zone: zone firewall ACL rules will be applied. Please check [[firewallrule|Firewall Rules]] | ||
| + | |||
| + | [[File:sdwan_client01.png|800px]] | ||
| + | |||
| + | [[File:sdwan_client02.png|800px]] | ||
| + | |||
| + | [[File:sdwan_client03.png|800px]] | ||
| + | |||
| + | Client is denied by default, you also need to authorize clients in the server side. | ||
| + | |||
| + | [[File:sdwan_client04.png|450px]] | ||
| + | |||
| + | == Cross-Platform clients == | ||
| + | |||
| + | WFilter's SD-WAN networks are compatible with ZeroTier clients, and you may download clients for other operating systems here: [https://www.zerotier.com/download/ zerotier download] | ||
| + | |||
| + | = Links = | ||
| + | * [http://blog.wfilterngf.com/?p=660 How to setup site-to-site VPN with WFilter’s SD-WAN service?] | ||
[[Category:VPN]] | [[Category:VPN]] | ||
Latest revision as of 12:24, 10 July 2025
Contents |
[edit] 1 SD-WAN
SD-WAN is an integration of the ZeroTier networking. With SD-WAN, you are able to:
- Network virtualization: setup SD-WAN subnets and join multiple devices/networks together.
- End-to-End encryption
- Set up a VPN without needing a static public IP address.
[edit] 2 Server Settings
Server settings of WFilter SD-WAN can be accessed in WFilter Cloud Service.
[edit] 2.1 Networks
Click "New network" to create a new sdwan subnet.
- Net ID: SD-WAN network id
- Net Name: network description
- Start/End IP: DHCP IP address range
To join multiple networks together, you need to setup routing policies. As shown below, network "192.168.1.0/24" can be reached via "10.200.188.1", while network "192.168.2.0/24" can be reached via "10.200.188.2". So these two networks are reachable from each side.
[edit] 3 Client Settings
In WFilter NGF, you can join SD-WAN networks in the "VPN"->"SD-WAN" module.
- SD-WAN secret: SD-WAN client id
- Zone: zone firewall ACL rules will be applied. Please check Firewall Rules
Client is denied by default, you also need to authorize clients in the server side.
[edit] 4 Cross-Platform clients
WFilter's SD-WAN networks are compatible with ZeroTier clients, and you may download clients for other operating systems here: zerotier download
