This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Palo Alto troubleshooting tool for IPsec

didier.bonato
L1 Bithead

‎12-16-2021 12:09 AM - edited ‎12-16-2021 12:34 AM

Hello

 

I established an Ipsec tunnel (policy based) between palo Alto and Cisco FW.

phase 1 & phase 2 are up and running but trying to transfer data, fail.

Capture packet (merge recieved and transmit) shown

Source : SYN

Dest : SYN ACK

And then Dest :  retransmit SYN ACK.

 

If this capture is within transmit pcap, this mean the re transmission packet have been forwarded  into the IPSEC Tunnel (egress interface) ?

transmit.png

 

Previoulsy, I was working with Checkpoint and able to use command line FW MONITOR to know if my packet was forward/encrypted to the tunnel. (this mean problem is located on FW itself or after the FW.

Is it a tool that permitting to know if this SYN ACK packet is forwarded into Interface tunnel or not ?

 

Regards

 

 

 

1 person had this problem.
0 Likes Likes
Who Me Too'd this topic
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks