In this video, we’ll talk about and troubleshoot some IPSEC UDP tunnel down situations.
We’ll start by listing common reasons tunnels might go down, then we’ll move on to defining the troubleshooting scope, examine tools such as the Topology page, Live View and Alarms.
Lastly, we’ll do some live troubleshooting to bring it all together.

Timestamps

00:00 Intro
02:24 Troubleshooting
04:13 Interface link down
05:04 Next-hop down
06:20 NAT configuration
08:19 CG-NAT to CG-NAT unsupported
08:54 Live view and traceroute
09:52 Tunnel flapping
11:02 Running tcpdump
12:48 Tunnel packets seen in one direction only on both appliances
13:52 Tunnel packets bidirectional on one appliance but one-way only on the other appliance
15:10 Tunnel key mismatch