Loopback Address at SD-WAN

HT_JDC · ‎10-15-2024

Hello Experts,

This may be a basic item.

Why is Loopback Address necessary at SD-WAN?

Is it used for SLA? If SLA is not important, can we omit it?

Thanks in advance,

Toshi_Esumi · ‎10-15-2024

The SD-WAN itself shouldn't require a loopback interface/address on a FGT. But if you have set up two FGTs connected together over multiple VPNs and you put the multiple VPNs in an SD-WAN zone, you might want to set up a common interface/IP on the remote end to ping to with a performance SLA health-check rules so that the local end can measure which path/VPN is the best at a time in order to prefer that path.

My home FGT has SD-WAN for internet traffic steered but no VPNs to the other FGT is a member of a zone. So I don't have/need any loopback interface.

Toshi

View solution in original post

Toshi_Esumi · ‎10-15-2024

The SD-WAN itself shouldn't require a loopback interface/address on a FGT. But if you have set up two FGTs connected together over multiple VPNs and you put the multiple VPNs in an SD-WAN zone, you might want to set up a common interface/IP on the remote end to ping to with a performance SLA health-check rules so that the local end can measure which path/VPN is the best at a time in order to prefer that path.

My home FGT has SD-WAN for internet traffic steered but no VPNs to the other FGT is a member of a zone. So I don't have/need any loopback interface.

Toshi

HT_JDC · ‎10-15-2024

Dear Toshi,

Thanks for your quick reply. I understood it.

Loopback Address at SD-WAN

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website