Troubleshoot the VeloCloud SD-WAN Remote Network
Use the following resources to troubleshoot
issues with VeloCloud-Prisma Access deployments.
- Prisma Access troubleshooting—Check the status and the logs in Prisma Access.
- Go to and check theStatusof the tunnel.
- Go to and check theCommon/Systemlogs for IPSec- and IKE-related messages.To view VPN-relates messages, set the filter tosub_type.value = vpn.The messageignoring unauthenticated notify payloadindicates that the route has not been added in the crypto map on the other side of the IPSec tunnel after the IPSec negotiation has already occurred.
- Check theFirewall/Trafficlogs and view the messages that are coming from the zone that has the same name as the remote network.In the logs, the remote network name is used as the source zone.
- VeloCloud troubleshooting—In the VMware SD-WAN Orchestrator, select . The following example shows a timeout error; this type of error can indicate mismatching proposals or a gateway connectivity error. The values to check are provided in the message text.
