This section describes troubleshooting information when connecting an SD-WAN Gateway and a VMware Cloud Gateway.

While from a user perspective there is limited CLI and log access, there are errors you can capture and share with Support. One of the first areas to troubleshoot is to ensure that IKE Phase 1 and 2 parameters are equivalent on both ends. It’s possible that the Pre-Shared-Key might be incorrectly entered, causing IKE to fail in authentication.

Some Tips to Consider:

  • The private IP of SD-WAN Gateway is needed and can only be picked up using a diagnostic bundle of the SD-WAN Gateway or by using SSH to access the Gateway. This activity can only be done by VMware SD-WAN Support.
  • End-users can check events/alerts in the SD-WAN Orchestrator and set it up to receive emails.
  • End-users can view the tunnel status under the VMC Networking/Security Policy VPN section.
  • End-users can also click the info icon next to the tunnel status to view some additional messages.
  • vRealize Log Insight Cloud is another tool that provides log information of VMC.
  • If not resolved by the end-user, engage VMware Global Support Services (GSS) and must mention the use of both VMC and VMware.