Verify and Troubleshoot the Aruba Remote Network
Use the procedures in this section to verify
and troubleshoot the Aruba SD-WAN.
Verify the Aruba Remote Network
To verify the status of the remote network
tunnel, perform one or more of the following steps.
- Check the state of the tunnel from the interface of Aruba Central from thegateway monitoringpage, in thetunnelssection:
- Check the state of the tunnel from Prisma Access by selecting .
- Use CLI from the BGWs, either through SSH or through the remote console provided in Aruba central.
- You can also use CLI to verify if the user is in the correct role.
Troubleshoot the Aruba Remote Network
Prisma Access provides logs and widgets that
provide you with the status of remote tunnels and the status of
each tunnel.
- Go to and check theStatusof the tunnel.
- Go to and check theCommon/Systemlogs for IPSec- and IKE-related messages.To view VPN-relates messages, set the filter tosub_type.value = vpn.The messageignoring unauthenticated notify payloadindicates that the route has not been added in the crypto map on the other side of the IPSec tunnel after the IPSec negotiation has already occurred.
- Check theFirewall/Trafficlogs and view the messages that are coming from the zone that has the same name as the remote network.In the logs, the remote network name is used as the source zone.
