Configure the ION Device at a Branch Site

Learn about how to configure the ION device at a branch site.
Configure the branch ION device to connect to the internet and a private network. By default, the following ports have hardware bypass capability and set to fail open or closed:
  • Ports 4/5 on the ION 2000.
  • All LAN/WAN ports on the ION 3000.
  • Ports 5/6 and 7/8 on the ION 7000.
  • Ports 1/2, 3/4, 5/6, 7/8 on the ION 9000.
Before you configure the device, gather the following information:
  • Internet port IP address, subnet mask, and default gateway address.
  • (Optional)
    If the device is behind a firewall, NAT IP details are required.
  • LAN subnets and their VLAN IDs (if applicable) that you would like the SD-WAN system to control.
  1. From
    Claimed Devices
    , select the device to configure.
  2. From the ellipsis menu, select
    Configure the device
    The device configuration screen displays.
  3. On the
    Basic Info
    screen, enter a name and an
    description for the device.
    The ION device model, redundancy mode, serial number, and software version display automatically.
    • To
      Enable L3 Direct Private WAN Forwarding
      , toggle
      . By default, the BGP configuration uses a bypass pair for private WAN underlay traffic, and a Layer 3 interface explicitly enables Layer 3 Direct Private WAN Forwarding for the private WAN underlay.
    • To
      Enable L3 LAN Forwarding
      , toggle
      . Yes indicates that traffic forwarding to and from LAN interface, when
      Enable L3 Direct Private WAN Forwarding
      is enabled.
    • Enabled
      Application Reachability Probe
      , is used to probe for application reachability or to check if an application is reachable on a given path. Devices use the controller port as the source probe interface by default. On devices running 5.4.1 and later versions, you can configure a LAN port as a source probe interface.
    • Click
      Create an HA group
      , to create an ION device cluster.
  4. Navigate to
    Device Toolkit
    to enable device session access.
    • For
      Enable Device Session Access
      , toggle
    • For
      Enable Outbound SSH
      , toggle
      , if you want to use the device CLI commands to SSH from an ION device to another device within your enterprise network. The default value is
    • Change values for
      Inactive Interval
      Retry Login Count
      , and
      Account Disabled Interval
      , if needed.
    • You can access the device CLI from the web interface.
  5. Navigate to
    to configure the controller ports, internet ports, and the WAN/LAN ports.

Recommended For You