Support

Support for business applications

Kaspersky SD-WAN

Managing CPE devices

SD-WAN managementTunnel management transport service

Kaspersky SD-WAN
Online Help
FAQ Forum Contact support Recovery tools

SD-WAN managementTunnel management transport service

April 9, 2024

ID 238920

Save as PDF

Kaspersky SD-WAN uses the SD-WAN managementTunnel P2M transport service for managing and monitoring CPE devices. The root interfaces of this transport service are the service interfaces on one or more CPE devices behind which are the control plane components.

After a CPE device connects to an SD-WAN Controller, a service interface with the Access encapsulation type is automatically created on top of the ovs-mgmt OpenFlow interface. The orchestrator activates the CPE device and adds this service interface to the SD-WAN managementTunnel management transport service with the Leaf role (see the figure below).

The diagram shows the primary path and reserve paths from the CPE device to the SD-WAN gateways.

CPE device management transport service

The IP address for managing the CPE device is determined automatically from the pool of addresses configured by you. When a CPE device is deleted, the IP address associated with it is returned to the address pool. The VNF and PNF components communicate with each other and with the orchestrator using public IP addresses.

You can provide access to the web console of the CPE device and configure an SSH connection to the console using a CPE template. Note that to do this, you do not need to configure IP connectivity with the device.

VNFM provides access to the device console through the SD-WAN managementTunnel transport service.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.