03-20-2025 06:50 AM
Hello all,
My network and IP addresses are as below.
Private IPs are vManage - 10.0.0.1, vBond - 10.0.0.2, vSmart - 10.0.0.3, and the public addresses are vManage - 125.214.180.5, vBond - 125.214.180.3, vSmart - 125.214.180.4, respectively.
I have configured NAT between the ISP and EDGE routers, and vEdge is able to reach all of the above public IP addresses. But it doesn't build a control connection with vManage because vBond advertises the private IP of vManage.
I have configured NAT hairpinning and policies on FTD but it still doesn't seem to work. I have attached the configs for controllers and it would be great if any help can be given to resolve this. Thanks in advance.
03-20-2025 06:41 PM
Hi,
You point to the private IP in the controller and manager configuration; that's why your NAT hairpinning does not take effect (that traffic does not even reach the firewall).
Change vbond 10.0.0.2 to vbond 125.214.180.3, as you do for edge routers.
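Added example, not part of the original post or the attached configs: a small Python check that flags a `vbond` statement still pointing at a pre-NAT address, using the 1:1 mappings given in the question. The sample config text, the `check_vbond` function and the `NAT_1TO1` table name are constructed for illustration.

```python
import ipaddress
import re

# 1:1 NAT table from the thread: private controller address -> public address.
NAT_1TO1 = {
    "10.0.0.1": "125.214.180.5",  # vManage
    "10.0.0.2": "125.214.180.3",  # vBond
    "10.0.0.3": "125.214.180.4",  # vSmart
}

# Matches the 'vbond <address>' line of a controller or edge config.
VBOND_RE = re.compile(r"^\s*vbond\s+(\S+)", re.MULTILINE)

# Constructed sample config (hypothetical, not the poster's attachment).
BEFORE = "system\n host-name vManage\n vbond 10.0.0.2\n"
AFTER = BEFORE.replace("vbond 10.0.0.2", "vbond 125.214.180.3")


def check_vbond(config_text, nat=NAT_1TO1):
    """Return a list of findings for the vbond statement(s) in a config."""
    findings = []
    # 1:1 NAT means no public address is shared by two private addresses.
    publics = list(nat.values())
    if len(set(publics)) != len(publics):
        findings.append("NAT table is not 1:1: a public address is reused")
    targets = VBOND_RE.findall(config_text)
    if not targets:
        findings.append("no vbond statement found")
    for target in targets:
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            continue  # hostname: DNS resolution is out of scope here
        if str(addr) in nat:
            findings.append(
                f"vbond {addr} is the pre-NAT address; use {nat[str(addr)]}")
        elif addr.is_private:
            findings.append(f"vbond {addr} is private and has no NAT mapping")
    return findings


if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        print(label, check_vbond(cfg) or "ok")
```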
03-20-2025 07:50 AM - edited 03-20-2025 07:59 AM
Hello.
When you configure NAT for controllers (vManage, vSmart, vBond), you have to use 1:1 NAT.
1:1 NAT is mandatory.
Please check this URL.
https://www.reddit.com/r/Cisco/comments/16nndzw/sdwan_controller_placement_and_nat/?rdt=34250
Please select this as a solution if it is helpful.
03-20-2025 09:08 PM
Hi Kanan Huseynli,
Thanks for the reply. vEdge has control connections with vManage and vSmart now.
Thanks again-Melanka.