Cisco Catalyst SD-WAN Network Configuration Guide, Releases 26.x and Later

PDF

Configure TLOC extension using CLI commands

Want to summarize with AI?

Log in

Provides instructions for configuring TLOC extension, detailing step-by-step procedures for implementation within SD-WAN environments.


Follow these steps to configure TLOC extension using CLI commands:

Procedure

1.

Enter global configuration mode, and configure an interface.

Example:

Device# config-transaction 
2.

Enter SD-WAN configuration mode.

Example:

Device(config)# sdwan
3.

in the SD-WAN configuration mode, configure an interface type such as, Gigabit Ethernet.

Example:

Device(config-sdwan)# interface GigabitEthernet3 
4.

Configure tunnel interface.

Example:

Device(config-interface-GigabitEthernet3)# tunnel-interface
5.

Configure encapsulation, color, allowed services for TLOC.

Example:


Device(config-interface-GigabitEthernet3)# tunnel-interface
Device(config-interface-GigabitEthernet3)# encapsulation ipsec
Device(config-interface-GigabitEthernet3)# color color
Device(config-interface-GigabitEthernet3)# exit
6.

In the global configuration mode, configure an interface.

Example:


Device# config-transaction 
Device(config)# ip route 0.0.0.0 0.0.0.0 ip-address
7.

On device 2, the LTE WAN connection is on GigabitEthernet1 and this transport is extended to device 1 GigabitEthernet3 TLOC interface.

Example:


Device(config-sdwan)# tloc-extension GigabitEthernet1
8.

Configure NAT routes on GigabitEthernet1 for data traffic to reach back to device 1 through device 2 for GigabitEthernet3 subnet.

The following example describes how TLOC extension is configured on a network interface.


On Device1,
Configure TLOC interface on VPN 0
sdwan
interface GigabitEthernet3
  tunnel-interface
   encapsulation ipsec
   color custom1
   no allow-service bgp
   allow-service dhcp
   allow-service dns
   allow-service icmp
   no allow-service sshd
   no allow-service netconf
   no allow-service ntp
   no allow-service ospf
   no allow-service stun
   allow-service https
   no allow-service snmp
   no allow-service bfd
  exit

  Configure default route via this TLOC interface with nexthop 
  to L2 connected interface of the peer (ED2 Gig3).

  ip route 0.0.0.0 0.0.0.0 10.1.19.16

 On Device2,
LTE WAN connection is on Gig1 and this transport is extended to ED1 Gig3 TLOC interface(custom1).
 sdwan
 int GigabitEthernet3
 tloc-extension GigabitEthernet1
Configure NAT routes on Gig1 or appropriate routes for data traffic to reach back to ED1 via ED2 for Gig3 subnet.