Hi Olivier, 

I'm not sure what is your expectations when it comes to routing, as the default is for routing to take the Overlay path through OMP and then leave on another vEdge.

If what you're trying to accomplish is DIA (Direct Internet Access) then routing between service VPN 1 and Transport VPN 0 is required.

In that case you'll need NAT on interface ge0/4

vpn 0

interface ge0/4

nat

refresh bi-directional
no block-icmp-error
respond-to-ping

Plus you'll need at least one of this two features:

• Traffic data policy for DIA, accomplished by policy configuration on vManage and applied to the vSmart, which is then pushed to the vEdge
• Static default route (or other prefixes) towards vpn 0, similar to IOS route leak from VRF to Global routing table.

The default route configuration can be done in this way:

vpn 1

ip route 0.0.0.0/0 vpn 0

commit

However bear in mind that if you want private IP addresses to reach somewhere on the VPN1 you'll other routes let's RFC1918 prefixes, otherwise all the traffic is leaked to VPN 0.

Any further questions please ask

Hi,

everything works now.

Thanks you very much for this!

Olivier

Hi Olivier, 

That's good news, glad I could help.

Regards

Just one more thing: I want my router to forward DNS requests to VPN 0 too.

How can I do that?

Hi, 

One thing you could do is this:

vpn xx

 ip route {dns_ip_address/32} vpn 0

Or you could do a taffic data policy that matches UDP 53 and set nat-vpn 0 on that policy.

Best Regards, 

The thing is that I want to set my router as DNS server in my network and want it to forward DNS requests to internet (port 4 is connected to an internet router and gets its IP address from DHCP).

I already have a static route on VPN 1 to forward everything to VPN 0.

Hi Olivier, 

As far as I'm aware you can only configure DNS Servers for the customers to query, or dns-redirect for bypassing umbrella for example.

Setting the router as dns server as you usually do on regular IOS routers, I don't think that's possible.

Thank you, 

Best regards,