01-22-2026 09:55 PM
1. Currently, four tunnels (at each of the two Hubs) are used for the four IPsec tunnels between these two Hubs (based on two SDWAN circuits at each Hub). Can the four existing tunnels (labelled tunnel.50xx) at both existing hubs (CHT and ELP) be used for the new IPsec tunnels to/from Agave2?
2. Can we use IP addresses assigned directly to interface ports for the SDWAN circuits, instead of creating loopback interfaces for IKE Gateways ?
3.If there is another valid reason to use loopback interfaces instead of the IP addresses assigned to the physical interface?
4.After removing Agave2 firewall (as a branch) from SDWAN cluster and device in Panorama, and creating the necessary manual IPSec tunnels between Hubs, at what point do we create add the Agave2 back to SDWAN --> Device as a Hub, and add it to SDWAN --> Cluster?
please help me out this.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
