Citrix SD-WAN Platforms
Troubleshooting
The correct private Internet Web Gateway (IWG) IP must be used in the SD-WAN Access Interface con-
figuration
• If an incorrect IWG is used in the Configuration Editor to define the WAN Link for the AWS Site
(Virtual IP Address and the correct Gateway) then Virtual Path fails to establish.
• A quick way to check if the IWG is incorrectly configured is to check the SD-WAN ARP table.
SD-WAN built in Packet Capture tool can help confirm proper packet flow
1. Navigate to the Configuration > System Maintenance > Diagnostic page of the SD-WMA AMI.
2. Select the Packet Capture tab, and set the following settings, then click Capture:
• Interfaces: To capture on eth2 which was associated with the WAN interface.
3. The capture output on the webpage must show the UDP probe packets leaving the SD-WAN SE
AMI with the WAN VIP / Private IP as the source, with a destination of the Static Public IPs used
for the MCN, also the returning UDP packet with the source of the MCN Static Public IP and the
destination of the local VIP/Private IP (which was NAT’d by the IWG).
Note
This can typically occur when an IP address is created outside of the CIDR block assigned to the
VPC.
© 1999-2021 Citrix Systems, Inc. All rights reserved. 297
To Next Page
Loading...
Need help?
General