Support

Support for business applications

Kaspersky SD-WAN

Managing CPE devices

Out-of-band management of CPE devices

Kaspersky SD-WAN
Online Help
FAQ Forum Contact support Recovery tools

Out-of-band management of CPE devices

April 9, 2024

ID 251415

Get as PDF

As part of the deployed Kaspersky SD-WAN solution, the orchestrator interacts with CPE devices via an overlay SD-WAN network and is in-band. However, the solution also supports out-of-band management (hereinafter also referred to as OOB management), which involves the exchange of control traffic between the orchestrator and the devices through the underlay network via HTTPS or TLS without using links.

OOB management lets you manage and diagnose CPE devices even in the absence of established links. For example, you can use OOB management if you are using only local breakout connection points or when the SD-WAN suffers an accident.

After registration, the CPE device starts sending API requests to the orchestrator at a certain interval to retrieve new configurations. This time interval is specified when configuring the connection of the device to the SD-WAN in the Update interval (sec.) field.

When you make changes to the CPE device configuration in the web interface, the orchestrator saves the new configuration with the Waiting status. The device, in turn, retrieves this configuration at the next API request and notifies the orchestrator if the configuration is successfully applied. If that is the case, the status of the configuration changes to Executed. If the device reports that the configuration could not be applied, the status changes to Error.

Before applying the new configuration to the CPE device, the current configuration is copied. If the device cannot send a confirmation message to the orchestrator after successfully applying the new configuration, it is rolled back to the previous version after 3 attempts. In this case, the configuration on the orchestrator also changes to the Error status.

You can view configuration statuses on an individual CPE device.

To view the configuration statuses:

  1. In the menu, go to the SD-WAN section.

    By default, the CPE subsection is displayed with a table of CPE devices.

  2. Click the CPE device.

The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button . The configurations and their statuses are displayed in the Out-of-band management table.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.