Skip to main content



Cisco Defense Orchestrator

Search and Filter Site-to-Site VPN Tunnels

Use the filter sidebar filter_icon.png in combination with the search field to focus your search of VPN tunnels presented in the VPN tunnel diagram. 

  • Tunnel Issues-Whether or not we have detected either side of the tunnel has issues. Some examples of a device having issues may be but not limited to is: missing associated interface or peer IP address or access list, ikev proposal mismatches, etc
  • Devices/Services-Filter by type of device.
  • Status–Tunnel status can be active or idle. 
    • Active-There is an open session where network packets are traversing the VPN tunnel or a successful session was established and hasn’t been timed-out yet. Active can assist to indicate that tunnel is active and relevant.
    • Idle-CDO was unable to discover an open session for this tunnel, the tunnel may either be not in use or there is an issue with this tunnel.
  • Onboarded-Devices could be managed by CDO or not managed (unmanaged) by CDO. 
  • Device Types - Whether or not either side of the tunnel is a live (connected device) or model device.

You can also search the filtered results by device name or IP address with search being case-insensitive. 

  • Was this article helpful?