We'd love to hear about it! Click here to go to the product suggestion community
I'm trying to build a surveilance for our IPsec connections and start them if they're down. I'm using the command "ipsec statusall" and as I've understood this command list all IPsec connections that are UP or partially up ONLY.
The problem is that I can't interpret whether any of the connections are partially down or not. They are all showing as if they're up even if they're partially down. Is there any way to specifically show if a connection is up or not?
Would it be easier if I used the API instead?
Also, since networking isn't my strong side i would like to know if using a "Failover Group" would help in a situation where a connection is partially down; or would a connection have to be completely down in order to perform a failover. Would this trigger the whole firewall to failover or just the IPsec connection?
Thankful for any help!
Hi Ribhu Yadav Unfortunately, there is no such feature available for partial connectivity but you can have email notification if IPsec tunnel up/down, please refer the given article link.https://community.sophos.com/kb/en-us/123327For, IPsec failover configuration, you may follow the below given link.https://community.sophos.com/kb/en-us/123305
In reply to Keyur:
Is there any way to see the status on the GUI with the information about the IKE and IPSec proposals negotiated and traffic statistics on the tunnel, same as IPsec statusall? Customers always ask for it