Go to VPN > IPsec Tunnels
Check the tunnel status icon for Phase 1 up/down state
Open the tunnel and verify Phase 1 status in the details
Go to Monitor > IPsec Monitor
Check whether Phase 1 is established
Use the CLI command: `get vpn ipsec tunnel summary`
Use the CLI command: `diagnose vpn tunnel list`
Use the CLI command: `diagnose vpn ike gateway list`
Use the CLI command: `diagnose debug application ike -1`
Use the CLI command: `diagnose debug enable`
Check the log under Log & Report > Events > VPN
Verify Phase 1 parameters match on both peers
Confirm the peer IP, pre-shared key, IKE version, encryption, authentication, and DH group
Check that the local and remote interfaces are correct
Ensure the firewall policy allows IKE traffic on UDP 500 and UDP 4500
Verify NAT-T settings if NAT is present
Confirm the WAN link and routing to the peer are working