This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

IKE Gateway Commit Failure: Peer Gateway ID Must Be Defined

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IKE Gateway Commit Failure: Peer Gateway ID Must Be Defined

Sai_Tumuluri
L4 Transporter

on ‎08-15-2019 02:07 PM - edited on ‎09-25-2019 08:49 AM by Retired Member

100% helpful (1/1)

Symptoms

When configuring the remote network or service connection the commit fails:

  1. Commit fails on cloud
  2. RN or SN fails to spin up on cloud even after 10 min

Diagnosis

  1. Please verify the commit failure reason matches the one discussed in the article. Procedure to check the commit failure reason on Prisma Access firewall
  2. Check the IKE Gateway configuration for the gateway you see commit failure. Verify Commit Status
    Configuration Errors:IKEv1 gateway <gw_name> peer gateway ID must be defined when peer address is dynamic.(Module: ikemgr)
  3. Verify the peer IP type is dynamic

Solution

When the dynamic IP is selected, we do not know the Public IP from which the peer is connecting. IPSec would require authenticating the peer. Due to this reason, we need identification information to be defined under "Local Identification" and "Peer Identification."

 

IKE Gateway Peer Dynamic .png

Once the identification is configured, commit and push from Panorama.

Rate this article:
(1)
0 Likes Likes
  • 9141 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎09-25-2019 08:49 AM
Updated by:
Retired Member
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks