Palo Alto: How to Configure IPSec VPN between Palo Alto and Cisco ASA?
Overview:
This
document describes the steps to configure IPSec VPN and assumes the
Palo Alto Firewall has at least 2 interfaces in Layer 3 mode.
High Level Diagram:
IP schema specification:
Steps to be followed on Palo Alto Networks Firewall
• Go to Network > Tunnel Interface to create a new tunnel interface and assign the following parameters:
Name: tunnel.1
Virtual router: default
Please refer this article if you need any help to configure Virtual Router on Palo Alto Networks.
Zone: (select the layer 3 internal zone from which the traffic will originate)Virtual router: default
Please refer this article if you need any help to configure Virtual Router on Palo Alto Networks.
Please refer this article if you need any help to configure Layer 3 interface on Palo Alto Networks.
Note: If the tunnel interface is in a zone different from the zone where the traffic will originate or depart, then a policy will need to be created to allow the traffic to flow from the source zone to the zone containing the tunnel interface.
