Create a Default Route to the SD-WAN Interface
Table of Contents
Create a Default Route to the SD-WAN Interface
Create a default route to an SD-WAN interface you created
in order to bring up the firewall.
If you are using a service route to access
Panorama™, to bring up the firewall you must create a default route
that points to an SD-WAN interface you created.
Auto VPN creates a virtual SD-WAN interface named sdwan.901 for IPv4 DIA and a virtual SD-WAN
interface named sdwan.9016 for IPv6 DIA. It creates a virtual SD-WAN interface named
sdwan.902 for VPN tunnels. Auto VPN also creates its own default route that uses the
sdwan.901 (IPv4) and sdwan.9016 (IPv6) interface as its egress interface and uses a
low metric, so that the sdwan.901 (IPv4) interface and sdwan.9016 (IPv6) interface
are preferred over the default route you created.
- Log in to the Panorama Web Interface.Select the Template you are working on.Select and select a virtual router, such as sd-wan.Select Static Routes.Select IPv4 or IPv6 and Add a static route by Name.For an IPv4 Destination, enter 0.0.0.0/0. For an IPv6 Destination, enter ::/0.For egress Interface, select one of the logical SD-WAN interfaces you created to bring up the firewall.The egress interface you select can be any logical SD-WAN interface except sdwan.901, sdwan.902, or sdwan.9016.For Next Hop, select None.For Metric, enter a value greater than 50, so that this default route is not preferred over the default route that Auto VPN creates with a low metric.Click OK.Select Commit and Commit and Push your configuration changes.Commit your changes.Repeat this task for other templates on firewalls that use a service route to access Panorama.
