Hello,

I'm trying to establish sdwan solution in my lab but i have to have c8000v routers in inline mode - controllers and routers are in one DC and controllers are behind c8000v

Someting like figure 71 in design guide 

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html

And right now I have a problem with branch router - I can't reach controllers through router in DC despite of having good routing

Does anybody has working configuration of C8000/C8000v and could share as an example of course without private data.

My config looks like this: 

!
interface Loopback1
ip address 172.16.255.1 255.255.255.255
!
interface Loopback2
ip address 172.16.255.2 255.255.255.255
...
!
interface Tunnel1
ip unnumbered Loopback1
tunnel source Loopback1
tunnel mode sdwan
!
interface Tunnel2
ip unnumbered Loopback2
tunnel source Loopback2
tunnel mode sdwan
!

...

!
interface GigabitEthernet2 - > WAN Side
description TO WAN
ip address 192.168.100.1 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
!

...

!
interface GigabitEthernet4 - > Controller Side
description TO DC
ip address 172.32.1.2 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
!

...

!
sdwan
interface Loopback1
tunnel-interface
encapsulation ipsec
color mpls
max-control-connections 0
bind GigabitEthernet2
allow-service all
allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
allow-service ntp
allow-service ospf
allow-service stun
allow-service https
allow-service snmp
allow-service bfd
exit
exit
interface Loopback2
tunnel-interface
encapsulation ipsec
color metro-ethernet
bind GigabitEthernet4
allow-service all
allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
allow-service ntp
allow-service ospf
allow-service stun
allow-service https
allow-service snmp
allow-service bfd