If you notice that a site is unable to access the applications hosted at other sites or internet (let’s say all the users behind the site are complaining about loss of access to internet and DC applications), you can look to collect the below outputs before performing any restoration activity – these logs will help/assist in triaging the issue from the perspective of a root cause analysis

If the branch is unreachable from the director, you will need to acquire out-of-band access to the branch via eth0 or console

Capture the below from the cli mode

show orgs org <Tenant-name> sessions summary

show device cpuload

show device clients

show alarms last-n 100

show orgs org <Tenant-name> session extensive

show orgs org <Tenant-name> session brief

show orgs org <Tenant-name> sd-wan sla-monitor status

show orgs org <Tenant-name> sd-wan sla-monitor metrics last-1m

show interfaces brief

show route routing-instance <name-LAN-VR>            (the appropriate LAN-VR name)

show bgp neighbor brief

show interface statistics                  (take this output 3 times)

show class-of-services interfaces extensive

show configuration | display set

show orgs org <Tenant-name> sd-wan brief

ping <controller-wan-ip> routing-instance <name-Transport-VR>              (the appropriate controller wan ip and Transport-VR name should be provided – if you have multiple transports, try pinging the appropriate controller wan-ip for each Transport-VR)

ping 8.8.8.8 routing-instance <name-Transport-VR>         (try this for all the Transport-VRs present)

show interfaces dynamic-tunnels