Do you know other side FW vendor? Thi swill helps you to get a better picture as well as get ready for the caveats (if any). From the Palo Alto side, everything is the same as with any other VPN apart from the IKEv2 option in the IKE Gateway settings. Below nice article explaining about Proxy ID with IKEv2:
Let me take a crack at this. You have an ASA 5510 that currently serves as a VPN gateway for accessing a certain aspect of your network, you want to use the PA to take it's place (instead of a seperate platform). Is this one of those that you are using the native client on an endpoint device such as a mobile phone or built-in VPN client on the native operating system?
It that right or does this actually terminate with another network device of some sort, as a site-to-site tunnel?
I don't think we are talking about a site-to-site at this point.
Okay that's what I though. Since the release of 7.0 PA has had this ability; you'll just need to configure an IKE gateway and actually configure this similarly to what was on the 5510. I'm not sure how exactly this will work with the PA, I've only ever setup IPSec site-to-site tunnels so I'm not exactly sure how it handles multiple client devices connecting to the same gateway. I might engage your SE just to verify that it'll work how you intend.
yeah I have had site to site tunnels set up between two PA before but not into the internal/segregated section of a network. I am currently reviewing the configuration on the ASA 5510 to get an idea of how it is set up now. Good link I will see if I can contact my SE (last time I tried he had quit and they didn't let me know) and see if he has anything to add
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!