We are doing a virtual desktop trial with a vendor in the cloud, they are going to connect to us using a IPSec tunnel that we are going to set up on the palo alto firewall. So instead of putting DHCP server in the clouds to hand our IP addresses to the virutal desktop they are hosting for us we want them to connect and get IP addresses from our network DHCP servers. So.... I am trying to figure out if that is possible
Ok. As i know, it isn't possible because your setup is a Layer 3 VPN. DHCP works on layer 2 and even if your Cloud Provider offers a Layer 2 Tunnel like GRE, it isn't possible to terminate the Tunnel with a Palo Alto Networks Firewall.
1. You need a DHCP relay agent in the local subnet of your clients (or a dhcp server). Maybe the Gateway of your Cloud Provider can do it? Ask him.
2. You could run a Palo Alto VM in the network of your Virtual Desktop Clients and use it as a DHCP Relay Agent or DHCP Server
3. static ip adress.... (depends on your setup and your pain...)
There Are No Technical Solutions to Human Problems. Sorry.
Maybe the Cloud Provider support IPv6 and IPv6 Autoconfiguration on his Gateway in the local Network?
And what do you mean with "to let the provider host it." ??
The Provider should not Host a VM Palo Alto or a DHCP Service?
I think that the vendor offers and option to host a DHCP server for the virtual desktops in the cloud. but for what ever reason we decided to try to use our own.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!