IPSec Tunnels BGP Fluctuation Frequently

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

IPSec Tunnels BGP Fluctuation Frequently

L2 Linker

Hi All, 

 

We have 04 IPSec VPN tunnels created on our PA FW with Public Cloud configured with BGP. (All these 04 Tunnels are created over single Internet link). All 04 peering IP of public cloud belongs to same region.

 

Pl note that these tunnels are in pair i.e. 02 tunnels are configured Active-Active (BGP) and redundant to each other to achieve the same purpose (lets say tunnel-1 & tunnel-2)  and other 02 tunnels are also configured like same way for some other communication purpose (Eg, tunnel-3 and tunnel-4)

 

Recently experience a isolation due bgp down for a pair of tunnel's simultaneously (eg tunn-1 and tunn-2) .

 

We observed BGP peering of these 04 tunnels are getting frequently down (at-least once on everyday) during different time intervals i.e. all 04 tunnels BGP peering not going down at same time. 

 

At first course of Investigation, everything looks normal at our end and looks there might me some issue at remote (public cloud) end but Not Sure.

 

Requesting if someone can share his/her thoughts here to diagnose further to get exact root cause of such BGP fluctuation on IPSec tunnel and if possible, what could be done to fix this behaviour.

 

We are running 9.0.4 firmware on PA.

1 REPLY 1

L2 Linker

Hi team, Can someone share his opinion here. Is BGP peering fluctuation on IPSec tunnels are normal.

  • 1955 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!