normally when my branch have dplc connect to HQ , i just can form VPN to HQ just fine and fast.
but when my new branch has only internet , and we also use MX at that branch. we try to form vpn to HQ via public ip.
vpn takes so long to get start and not working ,when ping to local server or internet.
my question : do we mis config ? or do we need to allow inbound port on our internet firewall at HQ ? ( we use Paloalto ) as internet firewall. i don't know if paloalto block session of these udp port or not. pls help verify
I have DC and DR (VPN concentrator same gateway router ( Paloalto) .
then all of my branch has dplc , but only one branch has local internet ( which is not working like other branch that has local dplc) , these branch are added into same template. but the branch that has local internet seem can't peer vpn to HQ.