Configuring SD-WAN rules
Configure SD-WAN rules that will tie the Performance SLA probe (Zscaler_VPNTEST
) to each of the SD-WAN members with the Lowest Cost (SLA) strategy selected to determine which ZEN will be the active-primary and which one will be the standby-secondary.
To configure an SD-WAN rule:
- Go to Network > SD-WAN Rules, and click Create New . The Priority Rule screen displays.
- Enter a name in the Name field, like
HTTPS-Zscaler-out
in this case. - Select the IP Version to be IPv4.
- Select the Source and Destination addresses to be
all
. - Select the Protocol to be TCP, and the Port Range to be
443-443
. - Select the Lowest Cost (SLA) strategy for the outgoing interfaces. It determines which ZEN will be the active-primary and which one will be the standby-secondary.
- Specify the preference for the outgoing interfaces in the Interface preference field by adding
Zscaler-SF
andZscaler-DC
in the preferred order. - Specify the Required SLA target by adding the
Zscaler_VPNTEST
performance SLA test we created earlier. - Click OK.
Configure similar SD-WAN rules for HTTP, and non-web traffic. In our example, the non-web traffic is steered to the underlays using the Best Quality strategy.
Once configured, verify your SD-WAN rules by navigating to Network > SD-WAN Rules: