Site to Site tunnels does not failover

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Site to Site tunnels does not failover

L0 Member

Hi All,

 

We have several site to site VPN tunnels built for different clients. We have PA500 in HA mode. When we do a failover, general traffic does succesfully failover to secondary, but the VPN tunnels does not failover and all the tunnels shows down.

 

Any suggestions on how to resolve this.

3 REPLIES 3

L3 Networker

All the Tunnels are between Palo Alto -- Palo Alto   ? and kindly  update the pan os version as .that would be helpful in finding the cause

L3 Networker

Have you tried enabling/disabling  DPD and kindly check in case  you have enabled passive  mode 

disable the same and do the fail over to test the results 

 

L0 Member

The issue seems to be with our cabling part in core switch. Our VPN tunnels go through a different ISP and the cable was connected to a different port in the switch, which resulted in failover not successfull. After changing the port, it started working.

 

Thank you guys.. for your suggestions.

  • 3062 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!