Validate Secure Access integration with Firewall Threat Defense devices

Verify tunnel statuses in Firewall Management Center

To view tunnel details for the SASE topology in the site-to-site VPN dashboard, choose Overview > Dashboards > Site to Site VPN.

To see more details about each tunnel:

  1. For each tunnel, hover your cursor over a topology and click the View icon.

  2. Click the CLI Details tab.

  3. Click Maximize View. You can view the output of the following commands:

    • show crypto ipsec sa peer: Shows the number of packets that are transmitted through the tunnel.

    • show vpn-sessiondb detail l2l filter ipaddress: Shows more detailed data for the VPN connection.
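One way to triage the packet counters from the show crypto ipsec sa peer output after copying it out of the CLI Details tab. This is an added example, not Cisco code; it assumes the output carries `current_peer:` lines followed by `#pkts encaps`/`#pkts decaps` and `#send errors`/`#recv errors` counter lines, and the sample text, addresses, and function names are constructed for illustration.

```python
import re

# Constructed sample of "show crypto ipsec sa peer" output (not from a real device).
SAMPLE = """\
      current_peer: 198.51.100.10
      #pkts encaps: 1520, #pkts encrypt: 1520, #pkts digest: 1520
      #pkts decaps: 1498, #pkts decrypt: 1498, #pkts verify: 1498
      #send errors: 0, #recv errors: 0
      current_peer: 198.51.100.20
      #pkts encaps: 312, #pkts encrypt: 312, #pkts digest: 312
      #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
      #send errors: 0, #recv errors: 4
"""

PEER_RE = re.compile(r"current_peer:\s*(\S+)")
COUNTER_RE = re.compile(r"#(pkts encaps|pkts decaps|send errors|recv errors):\s*(\d+)")

def parse_sas(text):
    """Return {peer: {counter: total}}, summed over every SA listed for the peer."""
    sas, peer = {}, None
    for line in text.splitlines():
        m = PEER_RE.search(line)
        if m:
            peer = m.group(1)
            sas.setdefault(peer, {})
        elif peer:
            for name, value in COUNTER_RE.findall(line):
                sas[peer][name] = sas[peer].get(name, 0) + int(value)
    return sas

def assess(counters):
    enc, dec = counters.get("pkts encaps", 0), counters.get("pkts decaps", 0)
    findings = []
    if enc == 0 and dec == 0:
        findings.append("idle: no traffic in either direction")
    elif dec == 0:
        findings.append("one-way: encrypting but nothing decrypted from peer")
    elif enc == 0:
        findings.append("one-way: receiving but nothing sent into tunnel")
    if counters.get("send errors", 0) or counters.get("recv errors", 0):
        findings.append("errors: non-zero send/recv error counters")
    return findings or ["ok"]

def report(text):
    return {peer: assess(c) for peer, c in parse_sas(text).items()}

if __name__ == "__main__":
    for peer, findings in report(SAMPLE).items():
        print(peer, "->", "; ".join(findings))
```

A tunnel that shows as up in the dashboard but reports one-way counters here usually points to a routing or policy issue on one side rather than an IKE failure.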

Verify tunnel statuses in Secure Access

  1. In Secure Access, choose Connect > Network Connections > Network Tunnel Groups.

  2. Click the network tunnel group to view more details.

    In the Network Tunnels area, the primary and secondary tunnels are displayed:

    • The Primary1 tunnel originates from the branch’s outside interface and is destined for the primary Secure Access data center.

    • The Secondary1 tunnel also originates from the branch’s outside interface and connects to the secondary data center, serving as a standby for continuous connectivity.

View transcript details

In the Configuration of Secure Access Tunnels dialog box, click the Transcript Details button to view the transcript details, such as the APIs, the request payload, and the response received from Secure Access.

Transcript details are not available in these scenarios:

  • When you delete a Network Tunnel Group (NTG) or an endpoint.

  • When you configure any multi-ISP tunnel after configuring the primary tunnel.