Verify If Remote Network Is Connected to Prisma Access
Focus
Focus
Prisma Access

Verify If Remote Network Is Connected to Prisma Access

Table of Contents

Verify If Remote Network Is Connected to
Prisma Access

This section describes how to verify the connection status of a remote network site with
Prisma Access
.
Where Can I Use This?
What Do I Need?
  • Prisma Access (Cloud Management)
  • Prisma Access (Panorama Managed)
  • Prisma Access
    license
After you have configured the IPSec VPN device on the remote network, verify the tunnel status. When you verify the status of remote networks, remember the following:
  • Verify the status of the IPSec tunnel to your remote network.
  • The final step when verifying remote networks is to review the logs and ensure that traffic is flowing through
    Prisma Access
    . If there are errors or warnings, review the system logs in
    Prisma Access
    and local logs on the remote network device. Resolve any errors or warnings before proceeding with the configuration.
  • Continue adding remote networks as needed.

Cloud Management

Learn how to verify the remote network connection status to
Prisma Access
in this section.
Select
Prisma Access
Overview
Config Status
Remote Networks
.
If you're using
Strata Cloud Manager
, go to
Manage
Configuration
NGFW and
Prisma Access
, change the
Configuration Scope
to
Prisma Access
, and select
Prisma Access
Sync Status
Remote Networks
.

Panorama

Verify the status of an onboarded
Prisma Access
remote network connection.
  1. Select
    Panorama
    Cloud Services
    Status
    Status
    to verify that the remote network connections have been successfully deployed.
    The
    Deployment Status
    area allows you to view the progress of onboarding and deployment jobs before they complete, as well as see more information about the status of completed jobs.
  2. To display a map that shows the locations of the remote networks in the regions you have selected, select
    Panorama
    Cloud Services
    Status
    Monitor
    and click the
    Remote Networks
    tab.
  3. Select a region to get more detail about that region.
  4. Click the tabs below the map to see additional remote network statistics.
    Status
    tab:
    • Location
      —The location where your remote network is deployed.
    • Remote Peer
      —The peer to which the remote network has an IPSec tunnel connection.
    • IPSec Termination Node
      —The IPSec termination node associated with the remote network. This field only displays if you allocate bandwidth by compute location.
    • ECMP
      —Whether you have enabled
      ECMP Load Balancing
      on this remote network connection.
    • Config Status
      —The status of your last configuration push to the service. If you have made a change locally, and not yet pushed the configuration to the cloud, the status shows
      Out of sync
      . Hover over the status indicator for more detailed information. After committing and pushing the configuration to
      Prisma Access
      , the Config Status changes to
      In sync
      .
    • BGP Status
      —Displays information about the BGP state between the firewall or router at the remote network location and
      Prisma Access
      . Although you might temporarily see the status pass through the various BGP states (
      idle
      ,
      active
      ,
      open send
      ,
      open pend
      ,
      open confirm
      , most commonly, the BGP status shows:
      • Connect
        —The router at the remote network location is trying to establish the BGP peer relationship with
        Prisma Access
        .
      • Established
        —The BGP peer relationship has been established.
        This field will also show if the BGP connection is in an error state:
      • Warning
        —There has not been a BGP status update in more than eight minutes. This may indicate an outage on the firewall.
      • Error
        —The BGP status is unknown.
    • Tunnel Status
      —The operational status of the connection between
      Prisma Access
      and the remote network.
    Statistics
    tab:
    • Location
      —The location where your remote network is deployed.
    • Remote Peer
      —The corporate location to which this remote network is setting up an IPSec tunnel.
    • Ingress Bandwidth (Mbps)
      —The bandwidth from the remote network location to
      Prisma Access
      .
      For the Ingress Bandwidth, Ingress Peak Bandwidth, Egress Bandwidth, and Egress Peak Bandwidth fields, when the bandwidth consumption on a remote network goes beyond 80% of the allocated bandwidth, the numbers display in a red color.
    • Ingress Peak Bandwidth (Mbps)
      —The peak load from the remote network location into the cloud service.
    • Egress Bandwidth (Mbps)
      —The bandwidth from
      Prisma Access
      into the remote network location.
    • Egress Peak Bandwidth (Mbps)
      —The peak load from
      Prisma Access
      into the remote network location.
    To find statistics about locations in the region, select
    Bandwidth Usage
    .
    Select the check mark for a location to see detailed bandwidth usage. For deployments that allocate bandwidth by compute location, select an IPSec termination node to view statistics for that node.
    Prisma Access
    uses the 95th percentile standard to gather statistics, which tracks bandwidth at peak utilization and ignores the top 5 percent of utilization peaks and large bursts.

Recommended For You