Basic IPSec VPN Configuration with PAN-OS
71.9 هزار بار بازدید -
6 سال پیش
-
In this video, we walk
In this video, we walk you through the steps to create an IPSec VPN that originates from one of our physical or virtualized next-generation firewalls that is terminating on any hardware, software or cloud-based IPSec VPN compatible device.
Information needed:
- Deciding which cyphers – you will need an IKE Crypto set of cyphers and an IPSec set of cyphers. There must be matching cyphers on the local and the remote.
- Collecting IP information (Remote Peer IP & Local Peer IP) – The remote peer IP is the remote or far end IP address where the IKE session will terminate. Conversely the local peer IP is the IP address of where the IKE session will terminate on the local device.
- Select a shared key – The shared key will be a string that both local and remote sites will use to validate the IKE session.
Basic Steps:
1) Check or create a usable IKE Crypto Profile
2) Create an IKE Gateway
3) Create a security Zone for the tunnel interface
4) Create a Tunnel Interface
5) Check or create a usable IPSec Crypto Profile
6) Create an IPSec Tunnel
After going through the steps, we will provide a demonstration on how to create an IPSec VPN.
For more information about IPSec VPN configuration, please review the following resources:
(Discussion with Solution) How to create IPSec VPN tunnel between two Palo Alto 200 firewalls?
https://live.paloaltonetworks.com/t5/...
HOW TO CONFIGURE IPSEC VPN (Knowledge Base)
https://knowledgebase.paloaltonetwork...
IPSec VPN Tunnel Management (TechDocs
https://docs.paloaltonetworks.com/pan...
Information needed:
- Deciding which cyphers – you will need an IKE Crypto set of cyphers and an IPSec set of cyphers. There must be matching cyphers on the local and the remote.
- Collecting IP information (Remote Peer IP & Local Peer IP) – The remote peer IP is the remote or far end IP address where the IKE session will terminate. Conversely the local peer IP is the IP address of where the IKE session will terminate on the local device.
- Select a shared key – The shared key will be a string that both local and remote sites will use to validate the IKE session.
Basic Steps:
1) Check or create a usable IKE Crypto Profile
2) Create an IKE Gateway
3) Create a security Zone for the tunnel interface
4) Create a Tunnel Interface
5) Check or create a usable IPSec Crypto Profile
6) Create an IPSec Tunnel
After going through the steps, we will provide a demonstration on how to create an IPSec VPN.
For more information about IPSec VPN configuration, please review the following resources:
(Discussion with Solution) How to create IPSec VPN tunnel between two Palo Alto 200 firewalls?
https://live.paloaltonetworks.com/t5/...
HOW TO CONFIGURE IPSEC VPN (Knowledge Base)
https://knowledgebase.paloaltonetwork...
IPSec VPN Tunnel Management (TechDocs
https://docs.paloaltonetworks.com/pan...
6 سال پیش
در تاریخ 1397/11/24 منتشر شده
است.
71,954
بـار بازدید شده