PA S2S VPN Issue

Showing results for 
Show  only  | Search instead for 
Did you mean: 

PA S2S VPN Issue

L2 Linker

We conenct to a remote site via a Site 2 Site VPN and access lots of service hosted on that site.


Recently we have wanted to allow access to a SQL server hosted at the central site.

They have been given a local SQL account which works fine. 


But the issue is that , they can connect and authenticate but as soon as they try and pull some data out of the SQL server they get a time out error  I have looked at the PA logs and can see traffic coming in from the remote end but nothing going back to client. There is no dropped traffic between the two site. 


Also , looking some wireshark data on the SQL server , I can see they there are lots of keep alive from the SQL server to the remote end and there is a TCP RST. 


Both servers can ping each other so not routing issue.


The firewall rule pretty much open , in the sense that all traffic is allowed between both sites , so it cannot be that. 

There is no NAT between the two sites


I am thinking that the PA is dropping traffic but is not logging it. 

The other end is not a PA firewall


Can anyone advise or seen this issue before.





Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!