Prisma Access tunnel down

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Prisma Access tunnel down

L0 Member

Hi Expert,

How to configure the Prisma Access Tunnel Status in Panorama to forward the email when tunnel down?

The tunnel status is in system log? And I just filter the status in system log is ok?

2 REPLIES 2

L2 Linker

Two ways...1st you look at system logs for any tunnel status error and 2nd..you can configure path monitoring for the static route created for the VPN tunnel and if the tunnel monitoring fails, it will log a path-monitor-failure entry in system logs, which indicates that tunnel has gone down.

L6 Presenter

Also check the action as it could be Alarm but the logs to show it wrong (visual bug) or for there to an exclusion:

 

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-security-prof...

 

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/threat-prevention/create-threat-exception...

 

 

Still if you don't do tcpdumps for the drop and transmit stages you can't say that palo alto is allowing the traffic. If it is better open a case .

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClTJCA0

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CloNCAS

  • 1660 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!