I am doing a new Campus install for VIA/VPN and running into issues.
I have a Controller in a DMZ with Public and Private addresses:
VLAN 10 - Public IP
VLAN 20 - Private IP
Default Route - Private Network
VIA Client can pull Connection Profile across the internet and successfully connect to the VIA controller. The role assigned allows full access.
The client cannot ping anything but the two VLAN interface addresses.
The controller cannot ping the client at all.
I have an identical Lab setup and this configuration works without issue. Using the same client, across the internet (using the lab connection profiles of course), I can ping the client from the controller CLI without sourcing the Interface. The Lab has its default GW pointing to the private network as well.
I have tested various VPN Pools on the controller. I tried one that uses the same address space as the Private network and have tried another one with a new network that doesn't exist in the infrastructure. No matter what network I configure, I can always ping from the controller to the client in my Lab. In the problem network, I can never ping the client.
I am lost :-(