SASE SD-WAN Edge will not route traffic when a routed LAN interface is configured with 'NAT direct traffic' enabled.

Article ID: 316323


Products

VMware VeloCloud SD-WAN

Issue/Introduction

Symptoms:
  • Traffic originating from the same subnet as the routed LAN interface fails and is dropped as soon as the Edge receives it.
  • Traffic from other subnets works fine.
The affected interface has the following properties:
  • LAN-facing
  • Routed interface
  • NAT Direct enabled


Environment

VMware SD-WAN

Resolution

This is expected behavior. Customers are encouraged to disable 'NAT Direct Traffic' for underlay routed LAN connections.

To check whether the NAT Direct Traffic setting is enabled:

  1. Go to Configure > Edge > Device Tab > Interfaces
  2. Click on the affected interface.
  3. Confirm whether NAT Direct Traffic is enabled for the LAN interface, and uncheck it if necessary.
