SD-WAN for applications

KwevinCKwevinC
in Firebox - Networking, Multi-Wan, VLAN, NAT, SD-WAN

Hey everyone. I was wondering, is there a way to configure SD-WAN to do the following? I basically have an infrastructure that has Multi-WAN configured with two external interfces. What I'd like to do is make it so that when users use certain applications like zoom, anydesk, meet, wetransfer which usually use up quite a lot of bandwidth to use a dedicated external interface. Eg.: Are you using outlook? Ok for that traffic ur gonna use the main external interface. Are you using zoom? Okay since I recognise the software I'm gonna use this other (secondary) interface for this type of traffic so that you don't end up eating my entire main interface bandwidth. I hope that what I'm asking makes sense, don't hesitate to ask questions I'm completely open.

Answers

  • Bruce_BriggsBruce_Briggs

    Certainly not easily.
    SD-WAN actions are applied to policies.
    So you would need to find a way to have a policy for the apps that you want to use WAN2.
    There is no easy way to construct 1 or more such policies - perhaps by specifying appropriate domain name used by them, or for selected apps, by the outgoing port being used, etc.

    Note that the 1st policy which matches the port, source & dest will be used to process that packet and no later policy will be used, so you can't have 2 HTTPS policies actually being used with the same source & dest, each for different apps.

  • PhilT_VITPhilT_VIT
    edited April 6

    I actually asked Support a near identical question, and given that I did find one of the competitors has similar functionality, they agreed to log/link my ticket to a feature request (text given by Support):

    FBX-17460 Ability to route traffic based on application to different WAN connection.

    Suggest open a support ticket and ask if the feature request number I've given above matches your scenario (I think it will).

    For now you'd have to have a policy that has the IP addresses/subnets/FQDNs of the specific service in the destination/to field and apply SDWAN routing to that policy.
    Thankfully most services have published lists of what you'd need to put into the policy to achieve this for now.

Sign In to comment.