If the Dynamic Branch to Branch VPN tunnel goes down, the traffic will go down, and even if the cause of the Dynamic Branch to Branch VPN tunnel going down is resolved, the traffic will not recover.

The conditions under which the issue occurs are follows

In the non-global segment of the Profile applied to the Branch
・Dynamic Branch to Branch VPN is enabled
・Hubs for VPN is selected
In the Profile applied to the HUB, the above non-global segment does not exist

Velocloud SDWAN, VMware SDWAN, Dynamic Branch to Branch VPN

If the Dynamic Branch to Branch VPN tunnel goes down, the Branch will forward the traffic to the HUB. However, if there is no segment on the HUB for the Branch to send to, the HUB will not recognise the traffic and the traffic will go down.

You can avoid this completely by adding the non-global segment to the HUB and adding the interfaces that belong to the segment.

If you are unable to change the settings, you can use the following workaround.

• Reconnect the Branch to Branch VPN again by creating a new flow on the Branch
• Delete the flow using Flush Flows on "Remote Diagnostics".