1. Maybe. I have a TAC case open because the gateway doesn't use the correct DPS rule I specified. TAC just said it's supposed to match device-level configuration first and after that the group level, even though group level is at a lower priority. And of course the gateway doesn't know where the configuration came from. So you need to verify your use case, but in theory you should be able to load balance traffic from a remote branch gateway to VPNCs in either cloud or at the DC.
2. Yes, but Aruba doesn't let you redistribute 0.0.0.0/0 for some reason which was never properly explained to me.
3. If you do NAT on the remote gateway. 1:1 NAT pools are not supported, just NAT of a group of users to a single IP address. NAT at the VPNC is also probably not supported; at least I wasn't told how to configure that after opening a TAC ticket.
4. Yes, it's possible to configure; I haven't tested it though. I've used only automatic SD-WAN tunneling between Aruba devices.
5. You can configure application filtering in a security policy, but the applications you can use are not documented, at least not in the Central documentation. So you sort of have to guess and use trial and error. Also, if you want to do per-application bandwidth limits, they don't bother to put them alphabetically, so good luck :)
Original Message:
Sent: Nov 14, 2020 01:40 AM
From: Dinusha Chandrasinghe
Subject: SD-WAN as Gateway Router
Can use single Aruba MC+SD-WAN Licenses to perform the following functions:
1. WAN Loadbalancing
2. Routing
3. NAT
4. VPN Connection with Third-party device
5. Application filtering