Skip to main content
Versa Networks

Configure a Branch SD-WAN Profile

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

When you configure IPsec VPN profiles with a Branch SD-WAN VPN type, you associate a branch SD-WAN profile with the VPN.

To configure a branch profile:

  1. In Director view:
    1. Select the Configuration tab in the top menu bar.
    2. Select Devices > Devices in the left menu bar.
    3. Select an organization in the left menu bar.
    4. Select a device in the dashboard. The view changes to Appliance view.
  2. Select the Configuration tab in the top menu bar.
  3. Select Services > IPsec > Branch SD-WAN Profile in the left menu bar.

    branch_sdwan_profile.png
     
  4. Click the add_icon.png Add icon. In the Add Branch SD-WAN Profile popup window, enter information for the following fields.

    add_branch_sdwan_profile.png
     
    Field Description
    Profile Name Enter a name for the profile.
    Transform Select the cryptographic algorithm used in IKE IPsec encryption and decryption.
    Transform Set Select the transform set to be used for protection of data.
    DH Group  

    Select the Diffie-Hellman (DH) group to determine the strength of the key used in the Diffie-Hellman key exchange process:

    • Diffie-Hellman group 1—768-bit modulus
    • Diffie-Hellman group 2—1024-bit modulus
    • Diffie-Hellman group 5—1536-bit modulus
    • Diffie-Hellman group 14—2048-bit modulus
    • Diffie-Hellman group 19—256-bit elliptic curve
    • Diffie-Hellman group 20—384-bit elliptic curve
    • Diffie-Hellman group 21—521-bit elliptic curve
    • Diffie-Hellman group 25—192-bit elliptic curve
    • Diffie-Hellman group 26—224-bit elliptic curve
    DH Group Set  Select the Diffie-Hellman group set to determine the strength of the key used in the Diffie-Hellman key exchange process:
    • Diffie-Hellman group 1—768-bit modulus
    • Diffie-Hellman group 2—1024-bit modulus
    • Diffie-Hellman group 5—1536-bit modulus
    • Diffie-Hellman group 14—2048-bit modulus
    • Diffie-Hellman group 19—256-bit elliptic curve
    • Diffie-Hellman group 20—384-bit elliptic curve
    • Diffie-Hellman group 21—521-bit elliptic curve
    • Diffie-Hellman group 25—192-bit elliptic curve
    • Diffie-Hellman group 26—224-bit elliptic curve
    Life Time

    Enter how long the key is valid.

    Range: 300 through 604800 seconds

    Duration: 7200 seconds
    Rekey Time

    Enter the time interval after which the secret key is regenerated.

    Range: 240 through 604800 seconds

    Duration: 6300 seconds
    Key Server Click Key Server and select a key server name.
  5. Click OK.

Supported Software Information

Releases 20.2 and later support all content described in this article.