Palo Alto VPN Configuration | Site to Site VPN Configuration in Palo Alto Firewall

Подписаться 4 тыс.

Просмотров 8 тыс.

50% 1

In this Palo Alto firewall training video session. You will learn how to configure site to site VPN in Palo Alto firewall. We will use default profile for IKE Crypto and IPSec Crypto and create new Gateway for s2s VPN. Later we will configure Tunnel using tunnel interface. we will learn creating policy creation in palo alto firewall for site to site vpn. There will be a requirement to configure static route in firewall, we will also do that. In this video you will palo alto vpn configuration also palo alto vpn site to site.
For more Palo Alto firewall training videos, please go to link below.

Наука

Опубликовано:

15 июл 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 12

@devakeenandantiwari8801 4 месяца назад

Good explanation thanks sir...

@freshdeveloper 4 месяца назад

Thank you ☺️

@waseemhasan5372 Месяц назад

that was so awesome. thanks sir

@freshdeveloper 28 дней назад

Glad you liked it!

@vijayamadhavi6788 4 месяца назад

Hi sir.. can you explain modes,ike,IPsec parameters, give more trouble shooting commands and packet capture it will help

@freshdeveloper 4 месяца назад

Sure mate, will try to cover.....

@amanpathania 4 месяца назад

Good session however, I have an input or query - while configuring the static routes: (explained during 16:00-19:00 min timestamp) you ended up configuring it for a VPC IP. My question is: In real time, you would never know the VPC IP address on the other side. you should have configured it on the public facing IP and then created a route to the target VPC. Please let me know your thoughts on this.

@freshdeveloper 4 месяца назад

If you are talking about Static route for tunnel, i.e. not just VPC IP of a machine, but its whole subnet of other side. So all the traffic towards complete subnet will be forwarded towards tunnel, get encrypted and being delivered on other site. I hope i understood your question currently. If not please ask again re-iterating 🙂

@Littlegujju-avengers 7 месяцев назад

What configuration is needed, if the PA firewall sits behind the router(NAT)? NAT -T enable in palo alto. Is there any changes required in Cisco router 7200. Pls. suggest

@freshdeveloper 7 месяцев назад

If NAT is happening in between VPN path, you may have to enable port 4500 as well. By default UDP port 500 is used for IKE, but in case of NAT-T in between it uses 4500

@KentWirianata-yp5dv Месяц назад

Hello i'm new in here, 7:08 what if there's a router between the palo? what's the peer IP? also what config is needed in router beside setting ip and routing so that he vpn site to site work?

@freshdeveloper Месяц назад

In that case peer IP could not be of same network. But ultimate purpose will be same, Peer IP should be reachable and make sure routes in place at the intermediate routers