Automate the VPN show and test commands to check the tunnel status and make it UP

cancel
Showing results for 
Search instead for 
Did you mean: 

Automate the VPN show and test commands to check the tunnel status and make it UP

L1 Bithead

We have some  tunnel goes down frequently so we are planning to bring up the tunnel with  automation ( For the Monitoring team to check the status and make it UP using test command).

 

Is it possible to run below commands with some batch file/exe using powershell. My idea is to create batch file for each tunnel and run it when the same is down/alert is coming.

#show vpn ipsec-sa tunnel <Tunnel name>

#test vpn ipsec-sa tunnel <Tunnel name>

 

1 REPLY 1

L4 Transporter

Hi @Sambhu21, if you configure tunnel monitoring within PAN-OS (link), pings will be sent across the tunnel at regular intervals and the tunnel will not go down due to inactivity.

For PowerShell specifically, there is a wrapper developed within the community that may help, you may wish to use this for example to execute operational commands. However, it would be better to stop the tunnel going down in the first place, rather than focusing on automating the recovery.

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!