This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

IPsec Vpn tunnel was down

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

IPsec Vpn tunnel was down

netsecpen
L1 Bithead

‎04-04-2018 01:14 AM - edited ‎04-04-2018 01:26 AM

PA-850- 8.0.6-h3  Customer complains IPsec  was down how can i check it on gui sytem logs or via cli.

 

Ihave checked the Moniter>system logs and  couldnt find any logs  related to "tunnel-status-down"

Thanks,

Ranji

0 Likes Likes
4 REPLIES 4

BPry
Cyber Elite
Cyber Elite

‎04-04-2018 04:59 AM

In the GUI tunnel status is displayed under Network > IPSec Tunnels. 

The CLI is where I like to look at this simply because it gives you more information.

show vpn ike-sa gateway <gatway-name>

show vpn ipsec-sa tunnel <tunnel-name> 

 

When you setup an IPSec tunnel I would always recommend that you monitor the tunnel through IPs assigned to the tunnel interface or by monitoring an IP address local to the other side such as the firewall management IP itself. This will ensure that you are always alerted if the tunnel maybe doesn't actually go down, but stops properly passing traffic for whatever reason. 

0 Likes Likes

netsecpen
L1 Bithead
In response to BPry

‎04-05-2018 05:17 AM

Hi Bpry,

 

Appreciated  for your comments..& noted your suggestions!!

 

Actually the issue with  solarwinds reporting all the branch network devices were down at early morning around 5.25 am.

it is reported today also almost simlar time & suspect ipsec tunnel might gone down during this time. I noticed that dynamic updates scheduled to  install almost same time, but no conclusion & clues.

 

 

Regards,

R@nji

0 Likes Likes

OtakarKlier
Cyber Elite
Cyber Elite
In response to netsecpen

‎04-05-2018 11:30 AM

Hello,

Check the system logs around that time and filter by type VPN to see if there is a coorelation. Also check your polling interval in solarwinds. I also use it to monitor my VPN tunnels, but have it set to poll every 1 min that way I dont get alerts to minor things that were automatically corrected. Also check with the ISP to see if they have routing maintenance? I have seen weirder things in the past.

 

Regards,

0 Likes Likes

netsecpen
L1 Bithead
In response to OtakarKlier

‎04-12-2018 02:43 AM

Hi All

Its been escalated to support. They verified that there logs and confirmed no issues with palo alto.
Thanks
Ranji
0 Likes Likes
  • 3300 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks