VXLAN + IPsec + SD-WAN?
Hi all,
I'm a junior engineer so still a bit of a noob at all of this, and I wanted your opinions on the subject.
Basically, we have a client that has 2 sites and currently has an MPLS line with L2TP + IPsec running between them.
They want to modernize their infrastructure and move away from MPLS, and move to SD-WAN. They have some Fortigates so that's what we will have to work with. They will also be getting several providers to enable connectivity and SD-WAN on their sites.
For the SD-WAN, from what I was able to collect, I need to set up IPsec VPNs running through the different providers and set up an SD-WAN zone with the IPsec interfaces, simple enough.
The problem though, is that my boss is telling me that they would like to continue having their VLANs stretch between the sites. From what I found, I would need to implement VXLAN, but then there comes the issue of having VXLAN + IPsec + SD-WAN at the same time.
Wouldn't this cause issues, as VXLAN will encapsulate packets in a way that SD-WAN won't be able to run efficiently, as well as any other issues that I currently don't know of?
I appreciate your input on the subject, thanks!