Configuration Guidelines when Terminating IPSec VPN Tunnels on the Firewall

Configuration Guidelines when Terminating IPSec VPN Tunnels on the Firewall

0
Created On 09/25/18 17:51 PM - Last Modified 07/19/22 23:07 PM


Resolution


Details

When terminating IPSec VPN tunnels on a Palo Alto Networks firewall, consider that:

  • The terminating interface must be associated with the same zone as the external port where the tunnel packets enter the firewall. If terminating the tunnel on an aggregate ethernet interface, the aggregate interface must also be bound to the external interface (where the tunnel packets enter the firewall).
  • The interface is where the original packet (IKE packet) entered the firewall.

 

owner: nayubi
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKYCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail