Zones and interface members (per-device management)
When SD-WAN per-device management is enabled, you can create SD-WAN zones and interface members. You can select SD-WAN zones as source and destination interfaces in firewall policies. You cannot select interface members of SD-WAN zones in firewall policies.
The default SD-WAN zone is named virtual-wan-link.
To create an SD-WAN zone:
- Ensure that you are in the correct ADOM and that SD-WAN per-device management is enabled for the ADOM.
- Go to Device Manager > SD-WAN > SD-WAN.
The list of devices with SD-WAN configurations is displayed.
- Double-click a device to open its configuration for editing, or click Create New to create a new SD-WAN configuration.
The SD-WAN settings are displayed.
- In the Interface Members section, click Create New > SD-WAN Zone.
The Create New SD-WAN Zone dialog box is displayed.
- In the Name box, type a name for the zone.
- Click the Interface Members box.
The list of interfaces is displayed.
- Select the interfaces to be members of the zone, and click OK.
- Click OK to finish creating the zone.
To create an SD-WAN interface member:
- Ensure that you are in the correct ADOM and that SD-WAN per-device management is enabled for the ADOM.
- Go to Device Manager > SD-WAN > SD-WAN.
The list of devices with SD-WAN configurations is displayed.
- Double-click a device to open its configuration for editing, or click Create New.
The SD-WAN settings are displayed.
- In the Interface Members section, click Create New > SD-WAN Member.
The Create New SD-WAN Interface Member dialog box is displayed.
- Click the Interface Members box, and select an interface.
- In the SD-WAN Zone box, select a zone.
- Click OK.
The interface is added to the zone.