Tunnel Monitoring
Focus
Focus
Network Security

Tunnel Monitoring

Table of Contents

Tunnel Monitoring

Where Can I Use This?
What Do I Need?
  • PAN-OS
No license required
For a VPN tunnel, you can check connectivity to a destination IP address across the tunnel. The network monitoring profile on the firewall allows you to verify connectivity (using ICMP) to a destination IP address or a next hop at a specified polling interval, and to specify an action on failure to access the monitored IP address.
If the destination IP address is unreachable, you either configure the firewall to wait for the tunnel to recover or configure an automatic failover to another tunnel. In either case, the firewall generates a system log that alerts you to a tunnel failure and renegotiates the IPSec keys to accelerate recovery.
See Monitor Your IPSec VPN Tunnel for configuration details.

Recommended For You