Yes, this is expected behavior. Unless you configure a different source IP in the overlay, it'll source the DMPO traffic from the interface IP and since you're using RFC 1918 addresses, they'd need to be NAT'd by your upstream router before being sent out to the internet (or encapsulated across your VPN).
No need for static routes though as long as you've configured a gateway IP in the interface config (and optionally a next hop in the overlay config if overlay traffic needs to go somewhere different for some reason). Going to the "Configure" > "Edges" or "Profiles" > "Device" tab is where you'd configure that though if you need to.
Thank you for your reply.
I made some modifications, but I still can't get the tunnel running.
I activated the UDP hole punch, defined static IPs and modified the cloud VPN configuration. On GE3 I can see the overlay WAN IP from both edges as public IPs.
When I go to diagnostics -> test path, I can only see the Gateway option and not GE3.
When I check test VPN, I get a failure.
Your kind input is much appreciated.
Can you share the following details with me:
- Are these 2 devices in the same profile?
- If so, can you share a screenshot of your profile?
- Do the 2 devices have a common gateway? You can find out with list paths under remote diagnostics.
- Make sure your modems are allowing UDP 2426 both ways.
The problem was that I used a mobile hotspot for one of the edges for internet connection, and it seems that it doesn't support port forwarding.
I changed to a normal router and it worked.