06-05-2022 04:12 AM
Hello People ,
We have a situation where in a Site to Site IPSEC exists between Cisco ASA and PALO ALTO FW
The LAN segment of the Network is behind Cisco ASA . Infact all of the VLANS are in this LAN Segment which is Behind Cisco ASA .
The requirement is that Gateway for these VLANS will be the PALO ALTO FW
So i need to know if it is possible to have VPLS over GRE on Palo ALTO
LAN( VLAN )>>>> Cisco ASA 5500Series>>>>>S2S IPSEC >>>>PANFW (Gateway for VLANS).
Can anyone help here ?
06-06-2022 10:02 AM - edited 06-06-2022 10:10 AM
How do the broadcasts from the clients traverse the IPSEC tunnel? The ASA can use policy or route-based VPN but I don't think either will have a mechanism to allow broadcasts. Without that, the clients won't be able to find their gateways.
Why do the gateways need to be on the PAN?
06-07-2022 08:53 AM
Through GRE Tunnel . This is a requirement from client
06-08-2022 02:07 PM
Where are the gateways now?
What's going to terminate the GRE tunnel on the client side? ASA doesn't support GRE.
06-13-2022 05:07 AM
Sorry the other side is SRX and not ASA ,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
