VPN tunnel(s) down for Palo Alto Networks

Vendor

Palo Alto Networks

Description

Indeni will alert one or more VPN tunnels is down.

Remediation Steps

Review the cause for the tunnels being down.
Review https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Troubleshoot-IPSec-VPN-connectivity-issues/ta-p/59187

How does this work?

This script uses the Palo Alto Networks API to retrieve the current status of the VPN tunnels (the equivalent of running "show vpn flow" in CLI). The script differentiates between alerts that are not "always on" (don't have a monitor set) and those that should be.

Why is this important?

VPN tunnels are one of the most critical features of a firewall. Many VPN tunnels are temporary, and may go up and down regularly, while some must be up at all times. Those that must remain up are usually set with a monitor to track their status. Knowing if a tunnel that should be up is down is critical for a quick response to service disruption.

Without Indeni how would you find this?

The VPN tunnel state is visible through the web interface. Normally, an administrator would access it after a service outage is reported.

View Source Code
single