IKE Gateway Commit Failure: Peer Gateway ID Must Be Defined

Printer Friendly Page
Did you find this article helpful? Yes No
No ratings


When configuring the remote network or service connection the commit fails:

  1. Commit fails on cloud
  2. RN or SN fails to spin up on cloud even after 10 min


  1. Please verify the commit failure reason matches the one discussed in the article. Procedure to check the commit failure reason on Prisma Access firewall
  2. Check the IKE Gateway configuration for the gateway you see commit failure. Verify Commit Status
    Configuration Errors:IKEv1 gateway <gw_name> peer gateway ID must be defined when peer address is dynamic.(Module: ikemgr) 
  3. Verify the peer IP type is dynamic


When the dynamic IP is selected, we do not know the Public IP from which the peer is connecting. IPSec would require authenticating the peer. Due to this reason, we need identification information to be defined under "Local Identification" and "Peer Identification."


IKE Gateway Peer Dynamic .png

Once the identification is configured, commit and push from Panorama.

Tags (4)
Register or Sign-in
Version history
Last update:
‎09-25-2019 08:49 AM
Updated by:
Retired Member