INC_RN_SITE_DOWN
Focus
Focus
Prisma Access

INC_RN_SITE_DOWN

Table of Contents

INC_RN_SITE_DOWN

Learn about the INC_RN_SITE_DOWN incident.

Synopsis

Remote network (RN) site <site-name> is down.
Incident Code—INC_RN_SITE_DOWN
Severity—Critical

Required License

Prisma Access

Details

Impact
RN user count when the site was down.
Raise condition
All tunnels (primary, secondary, and ECMP) for the RN site are down.
Clear condition
One tunnel (primary, secondary, or ECMP) for the RN site is up.

Correlated Alerts

  • AL_RN_ECMP_BGP_DOWN
  • AL_RN_ECMP_BGP_FLAP
  • AL_RN_ECMP_TUNNEL_DOWN
  • AL_RN_ECMP_TUNNEL_FLAP
  • AL_RN_PRIMARY_WAN_BGP_DOWN
  • AL_RN_PRIMARY_WAN_BGP_FLAP
  • AL_RN_PRIMARY_WAN_TUNNEL_DOWN
  • AL_RN_PRIMARY_WAN_TUNNEL_FLAP
  • AL_RN_SECONDARY_WAN_BGP_DOWN
  • AL_RN_SECONDARY_WAN_BGP_FLAP
  • AL_RN_SECONDARY_WAN_TUNNEL_DOWN
  • AL_RN_SECONDARY_WAN_TUNNEL_FLAP
  • AL_RN_SITE_DOWN

Remediation

Confirm whether the RN location is down by contacting the network team or users on site. If a complete network outage has occurred, contact Palo Alto Networks Customer Support Portal and provide the following detailed information:
  1. If you have multiple sites in the same SPN location, confirm whether all sites are affected or just this particular RN site is affected.
  2. Log in to your Strata Cloud Manager Managed Prisma Access or Panorama UI and check the status of the RN site or tunnel. If the RN tunnel is down, proceed to step 3 to verify whether the connectivity to the RN service IP failed. If the RN tunnel is up, proceed to step 3 to confirm whether connectivity was established correctly.
  3. Perform a ping from your machine to the RN's service IP to verify whether it fails. If the ping fails, go to step 4. If the ping succeeds, proceed to step 5.
  4. Perform traceroute to the service IP to see whether traceroute is failing within your network. If it's failing within your network, work with your network team to resolve the connectivity issue. If traceroute is failing outside of your network, contact your ISP. If you can't resolve the issue, contact Palo Alto Networks Customer Support Portal.
  5. Contact someone at the RN location to confirm whether users are able to access resources through the RN. If you can access resources successfully, confirm whether the alert is cleared.