Types of Tunnels Formed by WAN Edge Router in Cisco SD-WAN Fabric

D.

When a WAN Edge router connects to the Cisco SD-WAN fabric, it forms two types of tunnels: DTLS/TLS tunnels and IPsec tunnels. The DTLS/TLS tunnels are used for control plane communication between the WAN Edge router and the centralized controllers, while the IPsec tunnels are used for data plane communication between the WAN Edge router and other WAN Edge routers in the overlay network.

Based on the given options, the correct answer is A. This is because the WAN Edge router forms a DTLS/TLS tunnel with the vSmart controller for control plane communication and an IPsec tunnel with the vBond controller for data plane communication.

Option B is incorrect because the WAN Edge router does not form an IPsec tunnel with the vManage controller. The vManage controller is responsible for network management and monitoring, and does not participate in data plane communication.

Option C is also incorrect because the WAN Edge router does not form an IPsec tunnel with other WAN Edge routers. WAN Edge routers use IPsec tunnels to communicate with each other only if they are part of the same site or if they are configured to use a hub-and-spoke topology.

Option D is incorrect because the WAN Edge router does not form an IPsec tunnel with other vSmart controllers. The vSmart controllers are responsible for control plane communication, and do not participate in data plane communication.

Therefore, the correct answer is A, which states that the WAN Edge router forms a DTLS/TLS tunnel with the vSmart controller and an IPsec tunnel with the vBond controller.