Having issues with a fair amount of AWS VPN tunnels that will go down due to path or ISP issues but they don't come back up unless I manually bounce them on the PAN side. Configuration is standard with DPD set to 10/2 and using PBF monitoring the far ends of the tunnels. So I will see the tunnels go down and they show down in AWS but they DO NOT come back up until I manually bounce them from the IPSec Tunnels page.
Has anyone seen this before? I am seeing this across 2 separate PANs (1 x HA, 1 standalone) to separate AWS accounts/regions but the problem seems to be consistent and not sure why.
Note I am not using 'Tunnel Monitor' on the IPSec Tunnels but I am on the PBF rules, could that be the problem? Meaning I should be using TM on one or the other but not both? Someone show me the way.
Not sure if you found a solution to this...
As stated here in the KB article:
My interpretation of reading that means if the tunnel goes down (or presumably being initially set up) it will only be negotiated by interesting traffic, so you have several options to keep that interesting traffic:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!