VPN shows that connection is established and "Test connection" shows that everything is fine:
But the local site and the cloud site cannot reach each other. Any recovery or primary server does not respond to ping and is unreachable. The arp table might show the MAC address tied to that IP and the MAC address is the correct address of NIC on the cloud server:
Promiscuous mode/MAC address spoofing is disabled on your site. It must have been enabled on the virtual port group where the VPN appliance is connected to.
- Locate the VPN Appliance port group:
- Select the host, open Configuration -> Networking -> locate the virtual switch with your port group and click Properties of that virtual switch:
- Select the port group, click Edit, open the Security tab and enable Promiscuous mode and Forged transmits by marking the check box and clicking Accept:
Log in to the web-interface, open Networking, locate the port group, edit its settings and enable Promiscuous mode and Forged transmits in Security:
Right-click the VPN Appliance VM -> Settings. Open Network adapter -> Advanced features and mark the check box Enable MAC address spoofing:
More information is available here.