SD-WAN

Hello,
we route traffic with GRE Tunnels from One branch over  VPNC to another Branch. We have chosen this, because we had Problems with Site-tp Site VPN.
everything works fine this way. But the traffic is always using the good DSL line and we want to force it to only use the LTE.
Setup: sourcenetwork---->GRE-Tunnel-IP--->System-IP---->remote System-IP---->remote-GRE-Tunnel-IP---->Target-Network.
We tried to force it with "dynamic Path Selection Policys" with no luck. Tried to use Policys for "Source-IP to Destination-IP", "GRE-Tunnel-IP to System-IP", "System-IP to remote System-IP" and treid to filter for any GRE TRaffic, but DPS system doesent seem to recognize the traffic. DPS works fine for any other traffic. How can we filter DPS for this kind of traffic, otherwise are there any other ways to force GRE Traffic to a specific external interface.

------------------------------
Niklas Karg
------------------------------

you can make use of the branch mesh feature check this link.
https://help.central.arubanetworks.com/2.5.3/documentation/online_help/content/gateways/cfg/vpn/br-mesh.htm?Highlight=branch%20mesh

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
------------------------------

Original Message:
Sent: Mar 18, 2021 07:53 AM
From: Niklas Karg
Subject: Path Selection for GRE Tunnel Traffic

Hello,
we route traffic with GRE Tunnels from One branch over  VPNC to another Branch. We have chosen this, because we had Problems with Site-tp Site VPN.
everything works fine this way. But the traffic is always using the good DSL line and we want to force it to only use the LTE.
Setup: sourcenetwork---->GRE-Tunnel-IP--->System-IP---->remote System-IP---->remote-GRE-Tunnel-IP---->Target-Network.
We tried to force it with "dynamic Path Selection Policys" with no luck. Tried to use Policys for "Source-IP to Destination-IP", "GRE-Tunnel-IP to System-IP", "System-IP to remote System-IP" and treid to filter for any GRE TRaffic, but DPS system doesent seem to recognize the traffic. DPS works fine for any other traffic. How can we filter DPS for this kind of traffic, otherwise are there any other ways to force GRE Traffic to a specific external interface.

------------------------------
Niklas Karg
------------------------------

Hi niklaskarg!

first you need to check if the LTE link has been configured as a backup. If so, traffic will only be forwarded to this link if the other links fail. You can check this configuration in the configuration tab of the wan links within the group or at the device level.

------------------------------
Felipe Rodrigues
------------------------------

Original Message:
Sent: Mar 18, 2021 07:53 AM
From: Niklas Karg
Subject: Path Selection for GRE Tunnel Traffic

Hello,
we route traffic with GRE Tunnels from One branch over  VPNC to another Branch. We have chosen this, because we had Problems with Site-tp Site VPN.
everything works fine this way. But the traffic is always using the good DSL line and we want to force it to only use the LTE.
Setup: sourcenetwork---->GRE-Tunnel-IP--->System-IP---->remote System-IP---->remote-GRE-Tunnel-IP---->Target-Network.
We tried to force it with "dynamic Path Selection Policys" with no luck. Tried to use Policys for "Source-IP to Destination-IP", "GRE-Tunnel-IP to System-IP", "System-IP to remote System-IP" and treid to filter for any GRE TRaffic, but DPS system doesent seem to recognize the traffic. DPS works fine for any other traffic. How can we filter DPS for this kind of traffic, otherwise are there any other ways to force GRE Traffic to a specific external interface.

------------------------------
Niklas Karg
------------------------------

Hi Niklas!

First you need to check if the LTE link is configured as a backup. If so, traffic will only be forwarded to LTE if the other links are offline.


------------------------------
Felipe Rodrigues
------------------------------

Original Message:
Sent: Mar 18, 2021 07:53 AM
From: Niklas Karg
Subject: Path Selection for GRE Tunnel Traffic

Hello,
we route traffic with GRE Tunnels from One branch over  VPNC to another Branch. We have chosen this, because we had Problems with Site-tp Site VPN.
everything works fine this way. But the traffic is always using the good DSL line and we want to force it to only use the LTE.
Setup: sourcenetwork---->GRE-Tunnel-IP--->System-IP---->remote System-IP---->remote-GRE-Tunnel-IP---->Target-Network.
We tried to force it with "dynamic Path Selection Policys" with no luck. Tried to use Policys for "Source-IP to Destination-IP", "GRE-Tunnel-IP to System-IP", "System-IP to remote System-IP" and treid to filter for any GRE TRaffic, but DPS system doesent seem to recognize the traffic. DPS works fine for any other traffic. How can we filter DPS for this kind of traffic, otherwise are there any other ways to force GRE Traffic to a specific external interface.

------------------------------
Niklas Karg
------------------------------