Support

Support for business applications

Kaspersky SD-WAN

Transport services

L3 VPN transport service

Creating an L3 VPN service

Kaspersky SD-WAN
Нет результатов
Online Help
FAQ Forum Contact support Recovery tools

Creating an L3 VPN service

17 April 2024

ID 245751

Get as PDF

Before creating an L3 VPN service, you must complete the following steps:

To create an L3 VPN transport service:

  1. In the menu, go to the Infrastructure section.

    This opens the resource management page. By default, the Network resources tab is selected, which displays the table of SD-WAN and SDN controllers.

  2. Click Management → Configuration menu next to the SD-WAN Controller.

    This opens the controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of controller nodes.

  3. Go to the L3 VPN services section.

    A table of L3 VPN services is displayed.

  4. In the upper part of the page, click + L3 VPN services.
  5. This opens a window; in that window, in the Name field, enter the name of the transport service.
  6. In the Constraint drop-down list, select a previously created constraint that you want to add to the transport service.
  7. In the Balancing mode drop-down list, select the balancing mode for evenly distributing traffic among the tunnels to prevent congestion of individual tunnels and prevent performance issues for users:
    • Per-flow — Balancing across flows (sessions). During transmission, flows are evenly distributed across the tunnels. This is the default setting.
    • Per-packet — Per-packet balancing. During transmission, packets are distributed evenly across the tunnels.
    • Broadcast — Packets are sent to all tunnels simultaneously to prevent losses.
  8. Click Next to proceed to the next group of settings.
  9. In the Mode drop-down list, select the type of the L3 interface:
    • M2M service — Create an L3 interface on top of an M2M service.
    • Service interface — Create an L3 interface on top of the service interface.
  10. If in the Mode drop-down list, you selected M2M service, in the M2M service drop-down list, select the M2M service on top of which you want to create an L3 interface.
  11. If in the Mode drop-down list, you selectedService interface, configure the service interface:
    1. In the Switch and Port drop-down lists on the right, select the CPE device and the service interface created on it on top of which you want to create the L3 interface.
    2. In the QoS drop-down list, select the previously created QoS rule for the service interface.
    3. In the Inbound filter drop-down list, select the previously created traffic filter for the service interface.
    4. To display service interfaces that were previously added to transport services in the Port drop-down list, select the Show used interfaces check box. This check box is cleared by default.
  12. In the IP field, enter the IP address of the L3 interface.
  13. In the Prefix length field, enter the length of the L3 interface prefix. Range of values: 0 to 32.
  14. In the MAC address field, enter the MAC address of the service interface. You can generate a MAC address by clicking Generate.
  15. In the ARP age (sec.) field, enter the time period in seconds during which entries are kept in the ARP table on the SD-WAN Controller. Range of values: 1 to 65,535. The default setting is 200.
  16. Click + Add to create the L3 interface.

    The L3 interface is displayed in the lower part of the window. You can delete an L3 interface by clicking Delete next to it. To continue configuring the L3 VPN service, you must add at least one L3 interface.

  17. Click Next to proceed to the next group of settings.
  18. In the IP field, enter the IP address of the destination node or network.
  19. In the Prefix length field, enter the length of the destination node prefix. Range of values: 0 to 32.
  20. In the SVI drop-down list, select the L3 interface that you want to use for sending traffic packets to the destination node.
  21. In the Gateway field, enter the IP address of the gateway for routing traffic packets.
  22. In the Metric field, enter a metric for the static route. The default setting is 0.
  23. Click + Add to create the static route.

    The static route is displayed in the lower part of the window. You can delete a static route by clicking Delete next to it.

  24. Click Next to proceed to the next group of settings.
  25. Click Create.

The L3 VPN service is created and displayed in the table.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.