Site to Site tunnels does not failover

Reply
L0 Member

Site to Site tunnels does not failover

Hi All,

 

We have several site to site VPN tunnels built for different clients. We have PA500 in HA mode. When we do a failover, general traffic does succesfully failover to secondary, but the VPN tunnels does not failover and all the tunnels shows down.

 

Any suggestions on how to resolve this.

L3 Networker

Re: Site to Site tunnels does not failover

All the Tunnels are between Palo Alto -- Palo Alto   ? and kindly  update the pan os version as .that would be helpful in finding the cause

Highlighted
L3 Networker

Re: Site to Site tunnels does not failover

Have you tried enabling/disabling  DPD and kindly check in case  you have enabled passive  mode 

disable the same and do the fail over to test the results 

 

L0 Member

Re: Site to Site tunnels does not failover

The issue seems to be with our cabling part in core switch. Our VPN tunnels go through a different ISP and the cable was connected to a different port in the switch, which resulted in failover not successfull. After changing the port, it started working.

 

Thank you guys.. for your suggestions.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!