12-19-2020 11:56 PM - edited 12-20-2020 01:56 AM
If you have topology Vmanage , Vsamrt , Vbond behind firewall , Vedge in other site also behind firewall
i configured Vedge ip address for vbond public ip , also i made nat for it on the firewall - DC 1 to 1
Vedge can,t register
any one can help ?
12-20-2020 12:32 AM
I think the suggested design is not to have vBond behind NAT.
Do you have eth0 on vBond configured for VPN0? Can you try with Gig interface on vbond in VPN0?
12-20-2020 12:56 AM
the Vbond already configured with interface Gig0/0
12-20-2020 01:54 AM
"already" .. should have shared the updated topology in the first place
12-20-2020 02:30 AM
Look at the required ports :
https://sdwan-docs.cisco.com/Product_Documentation/Getting_Started/Viptela_Overlay_Network_Bringup/01Bringup_Sequence_of_Events/Firewall_Ports_for_Viptela_Deployments
BB
***** Rate All Helpful Responses *****
How to Ask The Cisco Community for Help
12-20-2020 03:04 AM
all ports opened
12-20-2020 06:45 AM
Looks like this is LAB environment ( EVE or PNET Lab), remove FW and check with direct connection?
12-20-2020 11:13 AM
its working if i removed the public ip and used the private ip with routing
in real live there is no routing between ISP and your site , only NAT
12-20-2020 11:26 AM
is this Fortinet doing NAT here? what kind of NAT Static NAT?
12-21-2020 12:01 AM
Yes Static Nat from outside to inside
05-13-2021 12:11 AM - edited 05-13-2021 12:11 AM
You can likewise in fact out the vEdge behind a firewall with PAT, on the grounds that the vBond will work with NAT crossing, yet you're not actually going to assess a lot other than DTLS or IPSec which you're presumably not going to decode.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
