Fortinet, Inc.
AUTOMATIC ESTABLISHMENT OF NETWORK TUNNELS BY AN SDWAN CONTROLLER BASED ON GROUP AND ROLE ASSIGNMENTS OF NETWORK DEVICES

Abstract:

Systems and methods for automatically building up a VPN to facilitate full-mesh communication within an enterprise based on group and role settings of the participating network devices are provided. An SDWAN controller associated with a private network receives configuration information related to group setting and role setting for various network devices of the private network. The group setting indicates a group with which a network device is associated and the role setting specifies a role of the network device within the group as of either a hub or an edge. The SDWAN controller determines IPsec configuration information for generating VPN links between the network devices of the groups to enable full-mesh communication among the groups. The SDWAN controller further directs the network devices to set up IPsec tunnels by pushing the determined IPsec configuration information to the network devices.