Thursday, October 24, 2019

Firewall behind an SD WAN solution (Velocloud)

Prior to implementing SD WAN solutions in our environment, our company was using a SonicWall connected to our ISP and core stack. Now, our two ISP circuits are connected to the Velocloud; there are two LAN ports that connect to our infrastructure. One is connected to the LAN port of the SonicWall for VPN, and the other to our core stack. This was done by the implementation team from our MSP.

With this new setup, we're having issues connecting to Azure via point to point tunneling. However, our remote employees have no issue connecting to the VPN when off site.

My question is regarding best practices when connecting a firewall behind an SD WAN solution. Does anyone have any experience with this scenario? Establishing connection to the Azure cloud is critical to our next steps with our company.

I have been informed by my MSP that the Velocloud is capable of VPN and point to point, however, the SonicWALL is less than 3 years old and we still have support and warranty. We're not quite ready to see this purchase as sunk cost. Our initial move towards SD WAN was for aggregation and redundancy (DIA lines from competing ISPs). Looking for advice from the community of experts.


