04-02-2025 02:20 AM
I have set up a VPN tunnel on a VM-Series Next-Gen Virtual Firewall w/ Advanced Security Subs (PAYG) in AWS with a remote site. I am having issues establishing the VPN tunnel; the log shows that phase 1 & 2 are loaded. For testing purposes, I have created one policy rule to allow any traffic to pass, so I believe at least phase 1 should be up. I hope someone can help point out what I might be doing wrong from the attached screenshots.
04-02-2025 03:47 AM
Hi @karimkalunga ,
I'd start by checking the connectivity issues between VPN peers including packet capture to isolate the issue further.
The logs seem kinda scarce to identify the root issue at the moment.
Can you debug further?
https://live.paloaltonetworks.com/t5/support-faq/support-faq-how-to-troubleshoot-ipsec-vpn-connectiv...
Kind regards,
-Kim.
04-02-2025 10:23 AM
Hi @kiwi, thank you for your prompt reply. I have an interface (different from the management interface) to which I've assigned a public IP address (Elastic IP), which is my peer IP. This peer IP is somehow not reachable from the remote site, but it's public. Two other private interfaces are connected to my nodes; the other phase 1 configurations are the same on both sites.