SD-WAN controllers behind vEdge router

samedilato
Level 1

Hello,

I tried to set up a topology where the controllers are deployed on-prem behind a vEdge. The vEdge router is connected to the public Internet and MPLS on VPN0, and on VPN99 to the firewall over a public subnet, i.e. 1.1.1.0/24. On the firewall I have configured 1:1 NAT from the private controller IP addresses to public IP addresses in the 1.1.1.0/24 subnet. I have also configured U-Turn NAT so the controllers can talk to each other over public IP addresses (it's working properly). I configured route leaking between VPN99 and VPN0; I see a static route in VPN0 pointing to subnet 1.1.1.0/24 via VPN99, and I see static routes 0.0.0.0/0 in VPN99 via VPN0. Despite all my tries, I didn't find any design guide with such a topology, nor a solution where the controllers are behind the vEdge. I'm not able to reach subnet 1.1.1.0/24 from the public Internet or MPLS, even though the VPN routing tables show the routes with correct next hops to the other VPN. The software version I'm using for all components is 20.7.1. Attached is a topology.

According to the documentation (Restrictions for Route Leaking and Redistribution, first point), I should be able to reach the IP address of the FW, 1.1.1.2, but not the vEdge, 1.1.1.1. However, I'm not able to, neither to reach the FW from the public Internet nor to reach the public Internet from the FW.

What am I missing? Has anyone tried such an option and can share thoughts or a solution?

 
