here it is, its pretty basic ....I dont have any access lists

Building configuration...

Current configuration : 12703 bytes
!
! Last configuration change at 09:38:55 EAT Tue Oct 30 2018 by admin
!
version 16.7
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname HQSC-IEG-1
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
vrf definition HQSC-MTNEDGE-VRF
description " internet VRF"
rd 64884:1
!
address-family ipv4
exit-address-family
!

!
!
aaa new-model
!
!
aaa authentication login default local enable
aaa authentication login console local enable
aaa authentication enable default enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default local if-authenticated
!
!
!
!
!
!
aaa session-id common
clock timezone EAT 3 0
!
no ip bootp server
no ip domain lookup
ip domain name nf.kenya.co.ke
ip cef accounting non-recursive
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
!
enrollment selfsigned
revocation-check none
!
!
!
no license smart enable
diagnostic bootup level minimal
!
!
!
!
redundancy
mode none
!
!
!
cdp run
!
!
!
!
!

!
interface TenGigabitEthernet0/0/0
no ip address
shutdown
!
interface TenGigabitEthernet0/0/1
no ip address
shutdown
!
interface GigabitEthernet0/0/0
description "LINK TO DC SWITCH 1"
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
negotiation auto

!
interface GigabitEthernet0/0/0.12
description " INTERNET CONNECTION To DC SWITCH"
encapsulation dot1Q 12
vrf forwarding HQSC-MTNEDGE-VRF
ip address 10.0.0.1 255.255.255.248
no ip redirects
!

!
interface GigabitEthernet0/0/1.12
description INTERNET LINK
encapsulation dot1Q 12
vrf forwarding HQSC-MTNEDGE-VRF
ip address 10.20.0.1 255.255.255.252
no ip redirects
!

Hello,

as far as I can tell you have only one VRF, but Vlan 12 is configured twice, with different IP addresses ?

as of now there is just one vrf , I want both sub-interfaces to be in vlan 12 , I am able to ping the next hops of the respective sub-interfaces but I just cant ping between the sub-interfaces if use ping vrf <vrf-name > 10.0.0.1 source 10.20.0.1. and hence the next hops of the respective sub-interfaces (10.0.0.2 and 10.20.0.2) cannot ping each other which is essentially what I'm trying to achieve.

This is the only way to do it in this environment , kindly help

I have added the "ip routing" command ,now the sub-interfaces  (10.0.0.1 , 10.20.0.1 )can ping each other but the next hops still cannot ping each other  (10.0.0.2 , 10.20.0.2 ). I believe I'm missing something pretty simple here kindly help guys  

Hi.

Some questions.

Can you ping each of the other sides of the Point-to-Point interfaces? From HQSC-IEG-1

ping vrf HQSC-MTNEDGE-VRF 10.20.0.2
ping vrf HQSC-MTNEDGE-VRF 10.0.0.x

for subinterfaces 0/0/0.12 and 0/0/1.12 are the other sides in a vrf also? or the other sides are in a global routing table? I ask you this, because, it seems that may be devices in network 10.20 does not have the way back to network 10.0.0.1 and vice versa.

this can be solved adding a default route or a DG on those devices pointing to HQSC-IEG-1.

If the interfaces on those devices are inside a vrf, the default route or DG must be in that vrf. If the interfaces are in the global routing table, with just a static route / DR or DG should fix the problem.

Examples:

From device connected to 0/0/0.12

ip route 0.0.0.0 0.0.0.0 10.0.0.1

or (in case the other side be in the same vrf)

ip route vrf HQSC-MTNEDGE-VRF 0.0.0.0 0.0.0.0 10.0.0.1

From device connected to 0/0/1.12

ip route 0.0.0.0 0.0.0.0 10.20.0.1

or (in case the other side be in the same vrf)

ip route vrf HQSC-MTNEDGE-VRF 0.0.0.0 0.0.0.0 10.20.0.1

BR

Gaston