Configure the ION Device at a Branch Site
Table of Contents
Expand all | Collapse all
-
-
- Add a Branch
- Add a Data Center
- Add a Branch Gateway
- Configure Circuits
- Configure Internet Circuit Underlay Link Aggregation
- Configure Private WAN Underlay Link Quality Aggregation
- Configure Circuit Categories
- Configure Device Initiated Connections for Circuits
- Add Public IP LAN Address to Enterprise Prefixes
- Manage Data Center Clusters
- Configure a Site Prefix
- Configure a DHCP Server
- Configure NTP for Prisma SD-WAN
- Configure the ION Device at a Branch Site
- Configure the ION Device at a Data Center
- Switch a Site to Control Mode
- Allow IP Addresses in Firewall Configuration
-
- Configure a Controller Port
- Configure Internet Ports
- Configure WAN/LAN Ports
- Configure a Loopback Interface
- Configure a PoE Port
- Configure and Monitor LLDP Activity and Status
- Configure a PPPoE Interface
- Configure a Layer 3 LAN Interface
- Configure Application Reachability Probes
- Configure a Secondary IP Address
- Configure a Static ARP
- Configure a DHCP Relay
- Configure IP Directed Broadcast
- VPN Keep-Alives
-
- Configure Prisma SD-WAN IPFIX
- Configure IPFIX Profiles and Templates
- Configure and Attach a Collector Context to a Device Interface in IPFIX
- Configure and Attach a Filter Context to a Device Interface in IPFIX
- Configure Global and Local IPFIX Prefixes
- Flow Information Elements
- Options Information Elements
- Configure the DNS Service on the Prisma SD-WAN Interface
- Configure SNMP
-
-
- Prisma SD-WAN Branch Routing
- Prisma SD-WAN Data Center Routing
-
- Configure Multicast
- Create a WAN Multicast Configuration Profile
- Assign WAN Multicast Configuration Profiles to Branch Sites
- Configure a Multicast Source at a Branch Site
- Configure Global Multicast Parameters
- Configure a Multicast Static Rendezvous Point (RP)
- Learn Rendezvous Points (RPs) Dynamically
- View LAN Statistics for Multicast
- View WAN Statistics for Multicast
- View IGMP Membership
- View the Multicast Route Table
- View Multicast Flow Statistics
- View Routing Statistics
- Prisma SD-WAN Incident Policies
-
- Prisma SD-WAN Branch HA Key Concepts
- Configure Branch HA
- Configure HA Groups
- Add ION Devices to HA Groups
- View Device Configuration of HA Groups
- Edit HA Groups and Group Membership
-
- Configure Branch HA with Gen-1 Platforms (2000, 3000, 7000, and 9000)
- Configure Branch HA with Gen-2 Platforms (3200, 5200, and 9200)
- Configure Branch HA with Gen-2 Embedded Switch Platforms (1200-S or 3200-L2)
- Configure Branch HA for Devices with Software Cellular Bypass (1200-S-C-5G)
- Configure Branch HA for Platforms without Bypass Pairs
- Prisma SD-WAN Clarity Reports
- Prisma SD-WAN Incidents and Alerts
Configure the ION Device at a Branch Site
Learn about how to configure the ION device at a branch
site.
Where Can I Use
This? | What Do I
Need? |
---|---|
|
|
Configure the branch ION device to connect to the internet and a private network.
By default, the following ports have hardware bypass capability and set to fail open
or closed:
- Ports 4/5 on the ION 2000.
- All LAN/WAN ports on the ION 3000.
- Ports 5/6 and 7/8 on the ION 7000.
- Ports 1/2, 3/4, 5/6, 7/8 on the ION 9000.
Before
you configure the device, gather the following information:
- Internet port IP address, subnet mask, and default gateway address.
- (Optional)If the device is behind a firewall, NAT IP details are required.
- LAN subnets and their VLAN IDs (if applicable) that you would like the SD-WAN system to control.
- Selectand select the device you wish to configure.WorkflowsDevicesClaimed
- From the ellipsis menu, selectConfigure the device.The device configuration screen displays.
- On theBasic Infoscreen, enter a name and an(optional)description for the device.The ION device model, redundancy mode, serial number, and software version display automatically.
- ToEnable L3 Direct Private WAN Forwarding, toggleYesorNo. By default, the BGP configuration uses a bypass pair for private WAN underlay traffic, and a Layer 3 interface explicitly enables Layer 3 Direct Private WAN Forwarding for the private WAN underlay.
- ToEnable L3 LAN Forwarding, toggleYesorNo. Yes indicates that traffic forwarding to and from LAN interface, whenEnable L3 Direct Private WAN Forwardingis enabled.
- EnabledorDisabledtheApplication Reachability Probe, is used to probe for application reachability or to check if an application is reachable on a given path. Devices use the controller port as the source probe interface by default. On devices running 5.4.1 and later versions, you can configure a LAN port as a source probe interface.
- ClickCreate an HA group, to create an ION device cluster.
- Navigate toDevice Toolkitto enable device session access.
- ForEnable Device Session Access, toggleYes.
- ForEnable Outbound SSH, toggleYes, if you want to use the device CLI commands to SSH from an ION device to another device within your enterprise network. The default value isNo.
- Change values forInactive Interval,Retry Login Count, andAccount Disabled Interval, if needed.
- You can access the device CLI from the web interface.