

When configuring Cisco [SD-WAN](/sd-wan), vBond only creates permanent DTLS tunnels with the vSmart and vManage and temporary DTLS tunnels with [WAN](/wide-area-network) Edge routers for discovery and authentication purposes. So at no point does the vBond actually need an [IPSec](/ipsec) encapsulation in its tunnel interface since it will never use IPSec.  

However, the vBond orchestrator is the same image as the vEdge router. Technically, vBond doesn’t require the `encapsulation ipsec` command but this is just the way you are required to configure it.

Links:

https://community.cisco.com/t5/sd-wan-and-cloud-networking/encapsulation-ipsec-on-vbond/td-p/4451149

https://forum.networklessons.com/t/cisco-sd-wan-controllers-installation/14869/3?u=lagapides

Cisco SD-WAN IPSec encapsulation on tunnel interface of vBond

BGP which address is used as the next hop

BGP why do we need an IGP for BGP to work

BGP why route dampening is obsolete

Best practice - concerning undebug all

Best practice - prevent connectivity loss of remote device

Bidirectional Forwarding Detection (BFD)

Broadcast MAC address

Broadcast traffic

CBC-MAC

CBWFQ and shaping

CCNP SCOR exam topics

CDP - best practices

CDP versions messages timers

CEF Load Balancing Algorithm

CISCO ASA IKEv2 hub and spoke

CLI Filtering show commands

CPM - Cisco Performance Monitor

CPM - Collect keyword

CPM - match and collect keywords

Career study advice

Carrier-Grade NAT

Certificate Authority Structure

Certification Cisco exam topics blueprint

Certifications - Continuing Education Credits

Certifications - online remote proctored exams

Cisco ASA Active-Active

Cisco ASA Active-Standby failover preemption

Cisco ASA Active-Standby

Cisco ASA HTTPS server

Cisco ASA show listening ports

Cisco Anyconnect SSL WebVPN

Cisco CCDE practice lab example

Cisco CCDE technology

Cisco CCDE

Cisco Context-Based Access Control (CBAC)

Cisco Discovery Protocol (CDP)

Cisco Feature Navigator

Cisco IOS Auth Manager

Cisco IOS Firewall feature set

Cisco IOS Order of Operation

Cisco IOS show listening ports

Cisco IOS test aaa command

Cisco Identity Services Engine (ISE)

Cisco Network Data Platform (NDP)

Cisco Pagent Router

Cisco QoS HCF shaper and bandwidth inheritance

Cisco Quantum Flow Processor

Cisco SD-Access home lab

Cisco SD-WAN Troubleshooting

Cisco SD-WAN backup vManage NMS configuration database

Cisco SD-WAN controller troubleshooting

Cisco SD-WAN export configs and files

Cisco SD-WAN export with python

Cisco SD-WAN lab options

Cisco SD-WAN rebranding

Cisco SD-WAN request upload

Cisco SD-WAN save command

Cisco SD-WAN scp command

Cisco SD-WAN vEdge Troubleshooting

Cisco SD-WAN vManage tail log

Cisco SD-WAN verify connectivity in Service VPN

Cisco SD-WAN viptela overlay network bringup

Cisco's various lines of network switches

Classification and Marking of softphone applications

Cloud Service Model - Middleware

Cloud Service Model - Runtime

Cloud Service Models

Cloud service models - IaaS

Cloud service models - SaaS

CoPP - Best practices and operation

Configuration Register

Control Plane Policing (CoPP)

Control Plane Protection

DHCP - Broadcast flag

DHCP - Cisco Client ID format

DHCP - Client ID

DHCP - DHCPv6 and the default gateway

DHCP - Message Types

DHCP - Static binding use cases

DHCP - Using the MAC as the client ID on a Cisco device

DHCP Auto Image Update support

DHCP DORA process

DHCP Request message sent as broadcast

DHCP Snooping on a multi-switch topology

DHCP client options on Cisco IOS

DHCP decline message

DHCP excluding address on a Cisco IOS DHCP server

DHCP multiple IP helper-addresses

DHCP multiple servers on the same subnet

DHCP offer message sent as broadcast

DHCP option 82

DHCP relay agent

DHCP relay support for MPLS VPN

DHCP renewal rebinding

DHCP snooping rate limiting best practice

DHCP trusted and untrusted ports

DHCP

DHCPv6 - determining the IPv6 prefix assigned to an interface