We have several site to site VPN tunnels built for different clients. We have PA500 in HA mode. When we do a failover, general traffic does succesfully failover to secondary, but the VPN tunnels does not failover and all the tunnels shows down.
Any suggestions on how to resolve this.
All the Tunnels are between Palo Alto -- Palo Alto ? and kindly update the pan os version as .that would be helpful in finding the cause
Have you tried enabling/disabling DPD and kindly check in case you have enabled passive mode
disable the same and do the fail over to test the results
The issue seems to be with our cabling part in core switch. Our VPN tunnels go through a different ISP and the cable was connected to a different port in the switch, which resulted in failover not successfull. After changing the port, it started working.
Thank you guys.. for your suggestions.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!