From the course: Implementing Cisco Software-Defined Wan (SD-WAN) for your Enterprise and Cloud

Unlock this course with a free trial

Join today to access over 24,600 courses taught by industry experts.

VPN membership policy

VPN membership policy

- [Instructor] In this lesson, we're going to talk about the VPN membership policy. Now, by default, when you provision a VPN feature template to a edge device, the vSmarts will then advertise all the routes for that VPN to it. So this is a way that we can actually control that. So basically the VPN membership policy is going to specify which VPNs will be permitted to join the fabric from that site. So any VPN that's not identified in that VPN membership will not be rejected at that site, and therefore, will not be installed. So typically this is going to be used as a method of containing traffic locally at a site, i.e., the guest network. We've talked about that while we were using ACLs, and we talked about that in the data policy lesson where we're trying to use that to contain the traffic flows. This is another method of how we can do this, okay? Some people actually use this as a method of protecting sensitive VPNs from being provisioned at other locations by mistake or through…

Contents