Skip to main content
shiryunaga
shiryunaga
Visitor III
September 24, 2025
Question

SDWAN-ADVPN-BGP isolate Network

  • September 24, 2025
  • 1 reply
  • 454 views

Hello All

I already have sdwan with advpn+bgp at Site A, my question is how to config Site B but its isolate, i wanna Site A and B cant talk each other Thx u 

1 reply

GeorgeZhong
Staff & Editor
GeorgeZhong
Staff & Editor
September 25, 2025

hi,

 

Could you please kindly clarify the meaning of the 'Site B is isolated'? Did you mean no Internet connectivity?

 

If the site B needs to join the ADVPN setup, it needs to have the underlay connectivity (Internet) to the Hub's public IP to form the IPsec tunnel. Also, it should be able to talk to the public IP of the site A to form the Shortcut tunnel once it receives the shortcut offer from the hub. 

 

Regards,

George

    shiryunaga
    shiryunagaAuthor
    Visitor III
    September 26, 2025

    Thx GeorgeZhong for respond

    i wanna site A and site B cant talk each other, because advpn using same as BGP, how to make routing BGP site A and site B dont adv each other thx

    ADVPN.png

     

     

    funkylicious
    SuperUser
    funkylicious
    SuperUser
    September 26, 2025

    hi,

    for your situation i would say that you have several ways of achieving that:

    - in the current advpn setup you just block from fw rules access between them ( this involves in my opinion the least amount of work )

    - another idea would be to create a dedicated site2site vpn between site b or a ( whichever you want to isolated ) and the hub, this way it wont be part of the advpn

    "jack of all trades, master of none"
    Terms & ConditionsAccessibility statement