11-22-2023 11:07 AM
We have the following scenario:
- I have published all my SD-WAN controllers to the public with 1:1 NAT for each controller and placed them in the DMZ zone.
- I have 2 routers for testing; each router has a 4G modem connected to it (normal internet with a shared public IP address). These routers were able to form control connections with the SD-WAN controllers using the public internet TLOC.
- The testing routers were able to form a tunnel between each other with no issue, testing with VRF 1 (VPN 1) as a service VPN to see traffic going between them.
- I have a router in the datacenter behind a firewall (the same firewall that has the controllers connected to it), and I have two public ISPs connected to the firewall for internet connectivity. I have done the routing to establish an internet connection for this router, but I failed to establish a control connection with the controllers for some reason that I don't know.
- But I have some spare public IP addresses and did some 1:1 NAT for that router, and was able to establish a control connection.
- The only issue remaining is that the public internet tunnel is not going up. I have done everything on the firewall and allowed any-any from WAN to the router connection, but with no luck.
Firewall: SonicWall
Is there something I am missing here, or is my design approach wrong here for the datacenter router?
I have also done some testing: when I connect the router to a normal 4G internet modem, I am able to form a control connection and the tunnel goes up with no issue.
I have followed this guide by Cisco:
Option D.
11-24-2023 04:20 AM
Already done all of the above.
The only issue is with the tunnel itself on the datacenter router with the other testing routers.
The MPLS tunnel is up and running with no issues.
11-24-2023 06:38 AM
Is vBond connected to vSmart and vManage via public or via private IP?