IPSec tunnel showing IP SLA disconnections or failure even when tunnel is up

Article ID: 368694

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

An IPsec tunnel is established with a Cloud SWG datacenter.

IP SLA tracking is configured against external websites to monitor the tunnel.

The IPsec firewall shows IP SLA disconnections or failures even when the tunnel is up.

Environment

Access method:

Firewall/VPN

FQDN IKEv2 Firewall

Cause

IP SLA traffic is sent inside the tunnel to check connectivity.

All content filtering and Cloud Firewall Service (CFS) policies apply to this traffic.

If the external websites used for testing are denied by these policies, the IP SLA traffic fails.

Resolution

Configure appropriate content filtering and Cloud Firewall Service (CFS) policy rules to allow this traffic.

Additional Information