IPsec Tunnel

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IPsec Tunnel

L4 Transporter

This might be a dumb question but I am going to ask it anyway, otherwise I may never know.  I want to replace an ASA 5510 firewall IPsec VPN into a PCI network using Palo alto. What is the best way to approach that? 

10 REPLIES 10

Cyber Elite
Cyber Elite

@jdprovine,

I imagine that the tunnel is currently just using a pre-shared key? If that's the case you would simply be able to recreate the tunnel on the PA and you shouldn't run into any issues. 

@BPry

I would assume the current VPN tunnle is using a pre-shared key also, I didn't set it up, just trying to find out how it is working now and see if I can mimic it on the PA.  Then find out what VPN client can connect to it.

Can you use L2TP ?

@jdprovine,

No. L2TP is no longer a feature for the vast majority of appliances anymore. 

@BPry

I was afraid of that, its going to make VPN client they can use more difficult, some people need to have a vpn client for access from home and also a client to access the PCI network. Like me I have a native client configured for PCI access and the GP VPN because, though you can switch back and forth by changing the portal name, it would be easier if you could have multiple entries on one client

The setting for the VPN for the client for the ASA 5510 are L@TP/IPSec with pre-shared key

@jdprovine,

You actually can do this within the new agent. You would simply add another portal within the agent settings, and then you can toggle between the portals when you connect. 

Capture.PNGCapture.PNG

@BPry

Which version client it that and does it work with 7.1.15

@jdprovine,

It's the 4.1 client. While the 4.1 will work with 7.1.15 I would make sure that it's fully functional in your enviroment before you push it out in mass. 

@BPry

Nice to see that they are answering our feature requests. I am going to install it on my test laptop and see how it works. This is going to be very helpful

@BPry

Works like a dream on my test machine!!!  I love it. Now I just have to figure out how to setup my IPSec tunnel, with the settings from the old ASA 5510

  • 3478 Views
  • 10 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!