One or more VPN tunnels are down.
Review the cause for the tunnels being down.
How does this work?
This script uses the Palo Alto Networks API to retrieve the current status of the VPN tunnels (the equivalent of running show vpn flow in CLI). The script differentiates between alerts that are not always on (dont have a monitor set) and those that should be.
Why is this important?
VPN tunnels are one of the most critical features of a firewall. Many VPN tunnels are temporary, and may go up and down regularly, while some must be up at all times. Those that must remain up are usually set with a monitor to track their status. Knowing if a tunnel that should be up is down is critical for a quick response to service disruption.
Without Indeni how would you find this?
The VPN tunnel state is visible through the web interface. Normally, an administrator would access it after a service outage is reported.
View Source Code