- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-12-2024 12:25 PM
I have a HA pair of PA 5220s at the HQ location and a PA-850 at a secondary DR location. We have about 100 remote sites that have a primary Site-to-Site VPN connection to HQ and a secondary connection to the DR location. Each of which have their own IKE Gateway configuration. I've just noticed that when I look at the Network/Interfaces/Ethernet at HQ and DR, the Outside interface has a single IKE gateway showing up in the Features column. What is the purpose of this?
Everything seems to be working, I just found it odd that this would appear. We're running 10.1.10-h2
Thanks
Ken
01-16-2024 03:34 AM
It's just parsing the configuration and displaying the last entry utilizing that interface. I honestly couldn't tell you why PAN feels the need to display the entry utilizing the interface at all, but that's just what they've decided to do. Regardless of how many gateways you have, you'll only ever see a single entry.
The same behavior is displayed for any other feature you have assigned to the interface. You'll see the exact same behavior for GlobalProtect Portal/Gateway as well, where regardless of how many you have assigned to the interface it'll only show a single entry in the GUI under interfaces.
01-12-2024 10:08 PM
It shows what features this interface has attached to.
Here is example if you attach QoS, IKE and LLDP at the same time.
01-15-2024 06:25 AM
Thanks for the response. I understand what the column is for but what I don't understand is why there is only 1 Ike gateway showing as attached when we have almost 100. If I hover over the Ike gateway, the name displayed isn't even for the gateway at the device. It's for one of the remote sites, not the Gateway assigned at the interface.
Thanks
01-16-2024 03:34 AM
It's just parsing the configuration and displaying the last entry utilizing that interface. I honestly couldn't tell you why PAN feels the need to display the entry utilizing the interface at all, but that's just what they've decided to do. Regardless of how many gateways you have, you'll only ever see a single entry.
The same behavior is displayed for any other feature you have assigned to the interface. You'll see the exact same behavior for GlobalProtect Portal/Gateway as well, where regardless of how many you have assigned to the interface it'll only show a single entry in the GUI under interfaces.
01-16-2024 06:13 AM
Thanks for the clarification. I was beginning to think I had a misconfiguration or some other issue.
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!