Tunnel Down Detected
Incident Code
INC_NGFW_TUNNEL_DOWN
Severity
High
Category
Network and Traffic
Subcategory
Site/Tunnel
Description
This incident is raised when an IPSec tunnel that has tunnel monitoring enabled goes down.
Raise Condition
When an IPSec VPN tunnel with tunnel monitoring enabled goes down and stays down for at least 7 minutes. We'll refer to this as the hold timer window. If a tunnel flap incident is also active for the same tunnel when this incident is created, it is rolled up under this incident as a correlated incident.
Clear Condition
When the tunnel comes back up and stays up for at least 15 minutes.
Probable Root Cause Incident
INC_NGFW_TUNNEL_IKE_V2_IPSEC_SA_DH_MISMATCH
INC_NGFW_TUNNEL_IKE_V1_IPSEC_CRYPTO_MISMATCH
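
The raise and clear conditions above, replayed over a constructed sequence of tunnel state changes. This is an added example, not vendor code: the `evaluate` function, the event format and the timestamps are assumptions, as is the rule that every state change restarts the running timer. Flap correlation is not modelled.

```python
from datetime import datetime, timedelta

RAISE_HOLD = timedelta(minutes=7)    # hold timer window from the raise condition
CLEAR_HOLD = timedelta(minutes=15)   # stable-up time from the clear condition


def evaluate(events, end):
    """Replay (timestamp, state) tunnel-monitor transitions, state being
    "down" or "up", and return the (timestamp, action) incident changes
    that fall due up to `end`."""
    actions = []
    active = False               # is the incident currently raised?
    state, since = "up", None    # assumed starting point: tunnel up, no timer
    # A sentinel at `end` lets a timer still running after the last event fire.
    for ts, new_state in sorted(events) + [(end, None)]:
        if since is not None:
            if state == "down" and not active and ts - since >= RAISE_HOLD:
                actions.append((since + RAISE_HOLD, "raise"))
                active = True
            elif state == "up" and active and ts - since >= CLEAR_HOLD:
                actions.append((since + CLEAR_HOLD, "clear"))
                active = False
        if new_state is not None and new_state != state:
            state, since = new_state, ts   # assumption: any change restarts the timer
    return actions


# Constructed sample data (not taken from a real firewall).
T0 = datetime(2024, 1, 1, 12, 0)


def m(n):
    """Timestamp n minutes after T0."""
    return T0 + timedelta(minutes=n)


SAMPLE = [
    (m(0), "down"), (m(5), "up"),     # down 5 min: shorter than the hold timer
    (m(6), "down"), (m(20), "up"),    # down 14 min: incident raised at 12:13
    (m(30), "down"), (m(32), "up"),   # up only 10 min: incident stays active
]
END = m(60)                           # up since 12:32: cleared at 12:47

if __name__ == "__main__":
    for ts, action in evaluate(SAMPLE, END):
        print(ts.strftime("%H:%M"), action)
```

The brief drop at 12:30 shows why the incident can remain open well after a tunnel first recovers: the 15-minute clear window starts over each time the tunnel goes down again.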