can you share troubleshooting command how to troubleshooting 1 if phase 1 tunnel not up 2 if phase 2 tunnel not up 3 when phase 1 and phase2 tunnel up but traffic not pass
can you share document link VPN troubleshooting guide step by step
command to check PhaseI/II of IKEv2 in FTD same as that in ASA
additional you can run packet tracer in FTD to see in which step the FTD drop packets
in your OP you mention that IKEv2 is UP but traffic not pass so check two points here 1- NAT exemption 2- if you not use sysopt connection permit-vpn then you need to add two ACP, A- from IN -> OUT for traffic from Local to Remote LAN B- from OUT-> IN for traffic from Remote LAN to Local LAN
MHM
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
