Symptom
We have a vEdge 1000 on version 20.6.2.
=== Topology ===
PC--->PaloAlto------SIG tunnel----vEdge1000 ----Service VPN-------Switch
=== Working scenario ===
1. We can ping from the switch to the PC.
=== Non-working scenario ===
1. We cannot ping from the PC to the switch.
2. We ran packet traces on the vEdge and can see that the vEdge is dropping the packets after IPsec decrypt.
++ We tested the above topology with the vEdge replaced by a cEdge SIG tunnel, and it works fine.
Conditions
Traffic originating from the internet over the SIG tunnel and going to the service VPN. The issue happens on vEdge and not on cEdge.
When ip service-route x.x.x.x/x vpn 0 service sig is configured under the service VPN, traffic to the internet does not pass and starts to drop while the tunnels are up.
Changing the VLAN ID to another value works, but it does not work for VLAN 2.
Workaround
Use this command under the service VPN:
ip ipsec-route x.x.x.x/x vpn 0 interface ipsec11 ipsec1
Changing the VLAN ID to another value also works.
Further Problem Description
n/a