Support

Support for business applications

Kaspersky SD-WAN

Tunnels, segments, and paths

Traffic encryption

Traffic encryption on a CPE device

Kaspersky SD-WAN
Нет результатов
Online Help
FAQ Forum Contact support Recovery tools

Traffic encryption on a CPE device

17 April 2024

ID 243200

Get as PDF

If traffic encryption is enabled on a CPE device, encrypted traffic is transmitted through all tunnels established with its participation. The exception is cases when you enable traffic encryption on the device, but disable it on an individual tunnel.

You can enable or disable traffic encryption in a CPE template or an individual device. When you enable or disable traffic encryption in a CPE template, it is automatically enabled or disabled on all devices that are using that template. By default, traffic encryption is disabled.

To enable or disable traffic encryption in a CPE template:

  1. In the menu, go to the SD-WAN → CPE templates subsection.

    A table of CPE templates is displayed.

  2. Click the CPE template.

    The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Information tab is selected, which displays general information about the CPE template.

  3. Select the Tunnel encryption tab.

    The traffic encryption policy is displayed.

  4. In the Default encryption policy drop-down list, select Enabled or Disabled.
  5. In the upper part of the settings area, click Save to save CPE template settings.

To enable or disable traffic encryption on an individual CPE device:

  1. In the menu, go to the SD-WAN → CPE section.

    A table of CPE devices is displayed.

  2. Click the CPE device.

    The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Configuration tab is selected, which displays the current configuration of the CPE device. This tab also displays the table of Out-of-band management CPE device configurations.

  3. Select the Tunnel encryption tab.

    The traffic encryption policy is displayed.

  4. Select the Override check box to ignore the applied CPE template and make the settings in the selected tab editable. This check box is cleared by default.
  5. In the Default encryption policy drop-down list, select Enabled or Disabled.
  6. In the upper part of the settings area, click Save to save CPE device settings.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.