Is there a way to monitor CATO IPSec degraded status

Hello,

We recently enhanced our resilience on CATO side by switching from a single IPSec peering tunnel to a dual active/passive IPSec tunnel, enabling automatic failover in case of POP incident.

However, monitoring via the basic API request does not return a “Degraded” status; it only returns ‘Connected’ or “Disconnected”. The API request uses the Account Snapshot one.

Investigating deeper in the CATO API, it doesn't seem possible to get the “Degraded” status for IPSec connectivity.

Is this a limitation of the API?

Is an update to the API on CATO’s roadmap to monitor this status ?

Looking forward to your response.

Corentin

Forum Discussion

Is there a way to monitor CATO IPSec degraded status

Recent Discussions

Is there a way to monitor CATO IPSec degraded status

I could use some help with a Powershell script for the events feed.

Terraform: IPsec site creation with Responder-only and destination type FQDN possible?

Cato Connect Event: DevOps/API Live - May 2026

Mismatch in User Count: Cato Report vs GraphQL API Output