IPSec VPN from EC2 server to remote Palo Alto possible?

Reply
L4 Transporter

IPSec VPN from EC2 server to remote Palo Alto possible?

Folks.

 

I have a requirement for setting up an EC2 Windows server in a remote Amazon region for receiving files.

 

On this server, I need some custom API stuff (easy) to allow file transfer from the Internet - but I also need a secure VPN to my normal site elsewhere to I can connect to several databases and other services which are *not* available on the Internet.

 

Does anyone know if it's possibel to use the Amazon VPN to setup an IPSec to my Palo Alto's (PA 3050, currently running 6.1.19) to allow for connections to the internal servers?

 

Or would it be easier to leave a console user logged on and run Global protect? While that might work, it's an ineligant solution as it needs all the remote processes to run as that user to be able to access the resources?

 

Thanks for any input

L5 Sessionator

Re: IPSec VPN from EC2 server to remote Palo Alto possible?

In a situation like this you can spin up a Palo Alto Networks VM series firewall in AWS and use the firewall as the VPN termination point to connecct to your on prem PA-3050. You can also use AWS VPN connection as well as the VPN termination point in AWS. Using Global protect VPN connectivity would be limited to the one Global protect client that is connected. If only one person needs to connect then you can do that but you will still need a VM series firewall in AWS to terminate the Global Protect VPN 

 

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!