Highlighted
Enthusiast
Enthusiast

VeloCloud SD-WAN - Connectivity through VeloCloud Service Gateway is down

Hello community!

So, i am trying to install a virtual edge velocloud and it seems pretty simple. I deployed the appliance, connected to a VLAN that has access to the internet, configured the Public IP in the WAN interface and activated the Edge. But when i look in the Orchestrator it shows me the folowing message:

Connectivity through velocloud service gateway is down. The internet connection on this edge is still funcitonal.

I cannot make this work. There is no firewall between my Edge and the internet. I deployed other virtual edges in others locations with the same scenario and everything worked ok.

Am i missing something? Why it cannot connect to the Service Gateway if it has all access to Internet?

Please please help me!

Tags (2)
4 Replies
Highlighted
Enthusiast
Enthusiast

If there is no NAT and no FW in between then your edge should be able to reach VCG.

If its still not happening, can you check the CLI command output "debug.py --path", it will show if VCE is trying to build any tunnels to VCG.

Also you can do packet capture on VCO for your internet interface and verify if any udp 2426 packets are going out.

Highlighted
Contributor
Contributor

Hi,

I used VMware virtual gateway to set up a test environment. I also encountered the same problem. I used Wireshark to capture packet analysis. I saw that VCE uses udp/2426, tcp/443 to connect to VCG, and I also saw that VCG uses udp/2426 connect to VCE, but the result of "debug.py --path" shows that RxState and TxState are both INITIAL instead of STABLE. What is the problem ?!

0 Kudos
Highlighted
Enthusiast
Enthusiast

So just to update this thread. Turns out we also had a compatibility problem with our CPUs. They didn't support AES-NI, so that's why the tunnel never came up.

Hope that helps anyone!

0 Kudos
Highlighted
Contributor
Contributor

I had the same issues and found that ISP was blocking VCMP (UDP 2426) port. Please make sure that 2426 is allowed at ISP side.

0 Kudos