VMware NSX

Hello community!

So, i am trying to install a virtual edge velocloud and it seems pretty simple. I deployed the appliance, connected to a VLAN that has access to the internet, configured the Public IP in the WAN interface and activated the Edge. But when i look in the Orchestrator it shows me the folowing message:

Connectivity through velocloud service gateway is down. The internet connection on this edge is still funcitonal.

I cannot make this work. There is no firewall between my Edge and the internet. I deployed other virtual edges in others locations with the same scenario and everything worked ok.

Am i missing something? Why it cannot connect to the Service Gateway if it has all access to Internet?

Please please help me!

If there is no NAT and no FW in between then your edge should be able to reach VCG.

If its still not happening, can you check the CLI command output "debug.py --path", it will show if VCE is trying to build any tunnels to VCG.

Also you can do packet capture on VCO for your internet interface and verify if any udp 2426 packets are going out.

Hi,

I used VMware virtual gateway to set up a test environment. I also encountered the same problem. I used Wireshark to capture packet analysis. I saw that VCE uses udp/2426, tcp/443 to connect to VCG, and I also saw that VCG uses udp/2426 connect to VCE, but the result of "debug.py --path" shows that RxState and TxState are both INITIAL instead of STABLE. What is the problem ?!

So just to update this thread. Turns out we also had a compatibility problem with our CPUs. They didn't support AES-NI, so that's why the tunnel never came up.

Hope that helps anyone!

I had the same issues and found that ISP was blocking VCMP (UDP 2426) port. Please make sure that 2426 is allowed at ISP side.

Did you ever manage to sort this?

I have the same issue in my home lab

I am using VCO 3.2.2, VCG 3.2.2, VCE 3.3.1 as these are currently the only versions available to me

I checked and my CPU is compatible with AES-NI (Opteron 6386 SE)

I am also facing the same problem is Eve-ng LAB setup .

When VCO,VCG and Edge is connected to switch in same VLAN , connectivity to VCG seems to be broken. However Edge activation process is completed, only transport/link are not visible in orchestrator

When VCO,VCG and Edge connected to cloud, everything work fine in Same LAB

I have a laundry list of symptoms (one of which is the error above), I'm hoping that maybe they are all connected.

In no particular order

1..Monitor -> Routing -> Gateway routing table.    Select my GW and segment, it just spins "Connecting to gateway"

2.. Monitor -> Edge -> Pick one of my Edges.   It shows "Connectivity through the Edge Service Gateway is down"

3..A tunnel never gets built between Edges.   Neither via the Gateway or if I define an Edge as a hub.   So any traffic that should go from Edge to Edge goes out to the Internet

4..Diagnostics -> Pick one of my Edges.   It shows "Connection to the Edge for running diagnostics tests is closed. Try reconnecting..."

My environment.

Thinkcentre server (support for AES-NI i7-10700) running Proxmox with a guest inside of Proxmox running Eve-NG.    I see "aes" in /proc/info on Proxmox, Eve-NG, Orchestrator, Gateway, and Edge.    (I found articles that said AES-NI is needed)

My "Internet" is a single "cloud" in Eve that uses registered, but fake addresses.   I have good NTP and don't rely on DNS.    I have to ignore the certs when I activate, but everyone shows connected.  (I found an article that talked about a switch being the problem and also that RFC1918 for WAN interfaces was a problem)

If I Wireshark on an Edge (and reboot it).   I never see it talk to the GW (only the Orchestrator).   When I Wireshark the Gateway, I never see it talk to an Edge (only the Orchestrator).

Anyone have any thoughts?

Have you solved this problem? How did you solve it?

It's been a while, so it's a little fuzzy.   I believe what fixed the problem for me was changing the WAN overlay type from Autodetect to User-Defined.   I remember it made activation a little harder, but I can do what I need to now.