Network Security
Strata Cloud Manager
Table of Contents
Expand All
|
Collapse All
Network Security Docs
View the Tunnel Status (Strata Cloud Manager)
Strata Cloud Manager
)View the IPSec VPN Tunnel status of the firewalls in the Strata Cloud Manager.
- Log in to Strata Cloud Manager.
- Selectand selectManageConfigurationNGFW and Prisma AccessDevice SettingsIPSec TunnelsMonitor.
- Select theConfiguration Scopeto view the IPSec VPN tunnel status. You can select a folder or firewall from yourFoldersto monitor the IPSec VPN tunnel that you created on the firewalls:
- To view the status of the IPSec tunnels on all the firewalls, select theAll Firewallsfolder.
- To view the status of the IPSec tunnels for the group of firewalls associated with a folder, select the specific folder.
- To view the status of the IPSec tunnels on a specific firewall, select the firewall.
- If you have created the VPN cluster using Auto VPN, then monitor those tunnels in theAuto VPN() page.ManageConfigurationNGFW and Prisma AccessGlobal SettingsAuto VPN
- You can monitor only on-premises firewalls and not the components managed byPrisma Access.
- Monitoring is disabled at the Global and snippet level. Therefore, you can create an IPSec tunnel in the global or snippet configuration scope, but you can monitor the IPSec tunnel only in the folder or firewall level.
- View theVPN Cluster Tunnel Statusthat provides the graphical representation of the number of tunnels that are up, the number of tunnels that are down, and the number of tunnels that are partially up.
- View theIPSec SA StatusinIPSec Tunnels.
- Green (UP) indicates a valid IPSec SA tunnel. SelectUPto view detailed information about the IPSec tunnel.
- Red (DOWN) indicates that IPSec SA isn’t available or has expired. SelectDOWNto view the detailed information to interpret the reason for failure.
- View theIKE SA StatusinIPSec Tunnels.
- Green (UP) indicates a valid IKE phase-1 SA. SelectUPto view detailed information about the IKE gateway.
- Red (DOWN) indicates that IKE phase-1 SA isn’t available or has expired. SelectDOWNto view the detailed information to interpret the reason for failure.
- View theVPN Flow Statusfor VPN traffic flow information inIPSec Tunnels.
- Green (UP) indicates that the IPSec tunnel is up. SelectUPto view detailed information about the VPN traffic flow.
- Red (DOWN) indicates that the IPSec tunnel is down. SelectDOWNto view the detailed information to interpret the reason for failure.
- SelectAdd New FilterAdd New Filterby selecting theDevice Namefrom the list, to view the IPSec tunnel status for the selected device.SelectReset Filters
- SelectUpdate Statusto update all the IPSec tunnel monitoring data present at that level (firewall, folder, or all firewalls).