12-23-2024 09:40 PM
Hello. In Managed Device<Summary, Phase 2 commit shows: Warning: DP pods not connected. Could someone please help?
07-15-2025 08:47 PM
Im not sure but the reason may be IPSEC Tunnel between MP and DP Pod not established because of authentication failed.
Try to " kubectl exec -it -n kube-system <pan ngfw dep pod name> -- bash "
then " cd /var/log/pan/ "
then you should read the file named "cat charon.log"
If you saw a line such as "Authentication Failed" that mean you got same issues as my case.
Try to reach Support Case. TAC Engineer have gave me a workaround that we should bypass cert authentication for the VPN tunnel.
For workground, you can bypass certicate authentication for VPN tunnel:
"Engineering suggests to disable cert authentication and enable PSK authentication:
1. In pan-cn-mgmt-configmap.yaml, uncomment line 31 (remove the # in front of "IPSEC_CERT_BYPASS):
=====
{{- else }}
IPSEC_CERT_BYPASS: "" # No values needed
{{- end }}
=====
2. In pan-cn-ngfw-configmap.yaml, uncomment line 17 (remove the # in front of "IPSEC_CERT_BYPASS):
=====
{{- else }}
IPSEC_CERT_BYPASS: "" # No values needed
{{- end }}
=====
Then run helm install again after modifying those 2 files, and observe if the IPSec tunnel can come up."
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
