A classic case where connection establishment between SDWAN RR and CPE fails

The connection between headquarters and branches uses carrier links over the internet. The headquarters has a fixed public IP address, while branches obtain addresses via DHCP, resulting in non-fixed addresses. The TTE connection cannot be established between headquarters and branches.

1. Check that the TLS connection between the headquarters and branch is successfully established.

2. Check that only local tte information exists at the headquarters and branch, with no tte information from the peer device.

3. Further check that there is no stun server configuration in the branch tunnel.

The branch does not have a fixed public IP address; you need to specify the STUN server in the WAN details