When there's an issue with a Skytap VPN (e.g., intermittent or no connectivity between Skytap and on-prem networks), there are two initial troubleshooting steps that can oftentimes resolve the issue:
1. Bounce the VPN
This step is especially helpful in a scenario where the VPN has worked as expected in the past but suddenly encounters an issue.
- Disable the Skytap VPN
- Disconnect all attached networks (via the Attached networks tab on the VPN details page )
- Re-enable the Skytap VPN
- Reconnect environment networks (via Attached networks)
- Test connectivity
2. Compare VPN parameters
This step is especially helpful in a scenario where a VPN connection between Skytap and on-prem is being configured and tested for the first time and there's an issue.
The Skytap VPN configuration should match the configuration of your on-prem VPN. Ensure that all of the following parameters are in agreement on both sides of the connection:
- Topology (route-based or policy-based)
- Phase 1 encryption algorithm
- Phase 1 hash algorithm
- Phase 1 pre-shared key
- Phase 1 SA lifetime
- Phase 1 DH group
- Phase 2 encryption algorithm
- Phase 2 authentication algorithm
- Phase 2 PFS
- Phase 2 PFS group
- Phase 2 SA lifetime
- Phase 2 Dead Peer Detection
- IKE protocol version
Reference Links
VPN configuration parameters: https://help.skytap.com/wan-vpn-configuration-parameters.html
Comments
0 comments
Article is closed for comments.