Limitations of VPNs in Secure SD-WAN Engine

These limitations apply to VPNs in Secure SD-WAN.

• You cannot use the same pair of endpoints for VPN tunnels in several configurations for a single Secure SD-WAN Engine. For example:
  • You cannot use the same pair of endpoints l in two policy-based VPNs.
  • You cannot create two Route-Based VPN Tunnel elements that use the same pair of endpoints.
  • You cannot create a Route-Based VPN Tunnel element that uses the same pair of endpoints that is used in a VPN tunnel in a policy-based VPN.
• VPNs are not supported on layer 2 physical interfaces on Engines.
• VPNs are not supported on Layer 2 Engines.
• If your Secure SD-WAN installation is configured in a restricted operating mode to comply with regulatory requirements, some VPN options are not available to you.
• Version-specific limitations in supported features for different Secure SD-WAN versions are listed in the Release Notes for the versions you are using. The SMC automatically prevents the use of unsupported settings based on engine version.