
Configuring Edge Connectivity

An edge connectivity profile allows you to specify edges that can talk to each other through a secure tunnel, as long as they are connected via IP. The profile also allows you to use a secure third-party tunnel between an edge and other network devices in your infrastructure. Because the profile must be associated with an edge connectivity policy, you must first create such a policy and then associate it with the profile when you configure the profile. For more details, see Configuring Third Party Connectivity, Configuring Edge Connectivity Policies, and BloxOne Service Edge.

You can place a service edge instance behind a firewall that owns a public IP address; however, the firewall must be configured for NAT port forwarding. Depending on your network infrastructure, such port forwarding might make it difficult to implement secure edge-to-edge tunnel profiles. To overcome these difficulties and deploy edge-to-edge connectivity profiles in organizations where service edge instances are behind NAT or a firewall, Infoblox Service Edge uses the strongSwan NAT Traversal (NAT-T) protocol, in which a mediation server hosted in the cloud facilitates the discovery of the public- or private-address binding of each site. Each site then uses this information to attempt communication with remote peers and thus establish a NAT session in the reverse direction. The mediation server is hosted in the AWS cloud and uses ports 500 and 4500.
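When checking that a firewall passes the NAT-T traffic described above, it helps to tell the message types on ports 500 and 4500 apart. The following is an added example, not Infoblox code: it assumes standard IKEv2 over UDP (RFC 7296) with RFC 3948 encapsulation, and the function names, sample packets and hints returned by `diagnose` are hypothetical.

```python
import struct
from collections import Counter

NON_ESP_MARKER = b"\x00" * 4            # RFC 3948: precedes IKE on port 4500
IKE_HDR = struct.Struct("!8s8sBBBBII")  # RFC 7296 section 3.1, 28 bytes
EXCHANGES = {34: "IKE_SA_INIT", 35: "IKE_AUTH",
             36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"}

def classify(port: int, payload: bytes) -> str:
    """Label one UDP payload seen on port 500 or 4500."""
    if port == 4500:
        if payload == b"\xff":
            return "nat-keepalive"
        if len(payload) < 4:
            return "malformed"
        if payload[:4] != NON_ESP_MARKER:
            return "esp-in-udp"         # leading 4 bytes are a non-zero ESP SPI
        payload = payload[4:]           # IKE header follows the marker
    elif port != 500:
        return "other"
    if len(payload) < IKE_HDR.size:
        return "malformed"
    _, _, _, version, exchange, _, _, length = IKE_HDR.unpack_from(payload)
    if version >> 4 != 2 or length != len(payload):
        return "malformed"
    return "ike:" + EXCHANGES.get(exchange, f"type-{exchange}")

def diagnose(packets) -> str:
    """Summarise (port, payload) pairs captured at the firewall (assumed heuristic)."""
    seen = Counter((port, classify(port, data).split(":")[0])
                   for port, data in packets)
    if not seen[(500, "ike")] and not seen[(4500, "ike")]:
        return "no IKE seen: check that port 500 is forwarded"
    if not any(port == 4500 for port, _ in seen):
        return "IKE on 500 only: check that port 4500 is forwarded"
    if not seen[(4500, "esp-in-udp")]:
        return "IKE moved to 4500 but no tunnel traffic yet"
    return "tunnel traffic flowing over NAT-T"

def ike(exchange: int, body: bytes = b"") -> bytes:
    """Build a constructed IKEv2 message for the sample capture below."""
    return IKE_HDR.pack(b"I" * 8, b"R" * 8, 0, 0x20, exchange, 0x08, 0,
                        IKE_HDR.size + len(body)) + body

# Constructed sample capture, not real traffic.
SAMPLE = [(500, ike(34)), (4500, NON_ESP_MARKER + ike(35, b"\x00" * 16)),
          (4500, b"\xff"), (4500, struct.pack("!II", 0xC0FFEE01, 1) + b"\x00" * 32)]

if __name__ == "__main__":
    for port, data in SAMPLE:
        print(port, classify(port, data))
    print(diagnose(SAMPLE))
```

Feed `diagnose` the UDP payloads from a capture taken on the firewall's public interface; a result that stops at port 500 points to a missing forwarding rule for port 4500.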

The Edge Connectivity page of the Cloud Services Portal displays the following information:

  • NAME: The name of the edge connectivity profile.
  • EDGES: The number of edges included in the profile. You can view details of the edges in the panel on the right, by clicking the number (in blue). The Edges dialog displays information about the edges you have included in the profile.
  • POLICY: The edge connectivity policy associated with the profile.

You can do the following on the Edge Connectivity page:

  • View the edges and other details of an edge connectivity profile: Select the profile and view its details in the panel on the right or by clicking .
  • Modify a profile: Click  > Edit, or select the checkbox for the profile and click the Edit button.
  • Remove a profile: Select the profile and click  > Remove or click the Remove button.

In this section, you will learn how to perform the following actions: