Is it possible to monitor VPN tunnels using an internal source IP on my tunnel interface and the external IP of the other system? I won't always have control/access to the other side of the tunnel, I may only know the local subnet(s) and the external IP.
Solved! Go to Solution.
if you 'number' all your tunnels (set a /30 subnet ip on each end) you can simply monitor the remote tunnel interface
I don't follow you. I don't have access to each end, I only have access to my end. I know the external IP and the local subnets of the other end. The other end is generally not a PA firewall.
Can you give an example of what should be set for IPsec Tunnel -> Tunnel Monitor -> Destination IP ?
Okay, I've got it figured out. I also see the tunnel-status-up and tunnel-status-down messages in the system logs.
Are there any plans to add a GUI indicator for tunnel monitoring status?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!