Get Started with Prisma Access
What Your Prisma Access Subscription Includes
Service Infrastructure
Mobile Users
Remote Networks
Service Connections
Day-to-Day Administration
Prisma Access — Policy
Web Security Management
Identity Services
SaaS Application Management
Visibility and Monitoring
Third-Party SD-WAN Integration
Third-Party Integrations with Prisma Access
- Microsoft Integrations with Prisma Access

Troubleshoot the Viptela Remote Network

To troubleshoot problems related to SD-WAN tunnels in Viptela, refer to the Viptela documentation for configuring IPSec tunnels at the following URL: https://www.cisco.com/c/en/us/support/routers/sd-wan/tsd-products-support-series-home.html.

Prisma Access provides logs and widgets that provide you with the status of remote tunnels and the status of each tunnel.

Go to

Manage

Service Setup

Remote Networks

and check the

Status

of the tunnel.

Go to

Activity

Log Viewer

and check the

Common/System

logs for IPSec- and IKE-related messages.

To view VPN-relates messages, set the filter to

sub_type.value = vpn

The message

ignoring unauthenticated notify payload

indicates that the route has not been added in the crypto map on the other side of the IPSec tunnel after the IPSec negotiation has already occurred.

Check the

Firewall/Traffic

logs and view the messages that are coming from the zone that has the same name as the remote network.

In the logs, the remote network name is used as the source zone.

Document:Prisma Access (Cloud Management)