Hi,

I am using a vMX in AWS in NAT mode. So: MX -> vMX -> AWS subnets.

It seems that any traffic that has its source IP from a subnet defined as a static route and enabled in VPN does not get routed back by the vMX over the site-to-site tunnel, but egresses over the WAN / internet interface.

So:

- vMX advertises 10.1.1.0/24 (via static route)
- MX advertises 10.100.0.0/24

Both are seen in the site-to-site VPN as local networks / remote VPN participants, so when I ping from 10.1.1.1 -> 10.100.0.1 it gets NATed over the interface using the public IP.

I was assuming any IP destination for a subnet in the VPN would be sent over the VPN tunnel and not NATed out as being external to the VPN. This seems incorrect to me.

Can anyone confirm this behaviour as being correct?

Thanks.