Example: Star Site-to-Site VPN

In the following example, three Cloud Edge appliances are used to create a star site-to-site VPN configuration.

Configuration Summary

Device names: CE1 (hub), CE2 (spoke), and CE3 (spoke)

  • In hub device CE1, set up two connections to the spoke devices: CE1 to CE2, CE1 to CE3

  • In spoke device CE2, set up a connection to hub device CE1: CE2 to CE1.

  • In spoke device CE3, set up a connection to hub device CE1: CE3 to CE1.

  

Configuration on CE1 (hub)

CE1 connection to CE2:

  • Local ID: CE1

  • Remote ID: CE2

    Note: CE2 is the Local ID in the CE2 appliance's configuration.
  • Local network: Address object contains IPv4 ranges for both CE1 and CE3's local networks

  • Remote network: Address object contains IPv4 range for CE2's local network

CE1 connection to CE3:

  • Local ID: CE1

  • Remote ID: CE3

    Note: CE3 is the Local ID in the CE3 appliance's configuration.
  • Local network: Address object contains IPv4 ranges for both CE1 and CE2's local networks

  • Remote network: Address object contains IPv4 range for CE3's local network

 

Configuration on CE2 (spoke)

CE2 connection to CE1:

  • Local ID: CE2

    Note: CE2 is the Remote ID in the CE1 appliance's configuration.
  • Local network: Address object contains IPv4 range for CE2's local network

  • Remote network: Address object contains IPv4 ranges for both CE1 and CE3's local networks

 

Configuration on CE3 (spoke)

CE3 connection to CE1:

  • Local ID: CE3

    Note: CE3 is the Remote ID in the CE1 appliance's configuration.
  • Local network: Address object contains IPv4 range for CE3's local network

  • Remote network: Address object contains IPv4 ranges for both CE1 and CE2's local networks