Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-12-2016 06:46 AM
Hello all,
There is 2 juniper firewalls.side to side between them.Side A and Side B
I'm going to change side A with Paloalto and for sideB change configuration is not allowed.
So everything is ok except for vpn.inside juniper phase 1 profile is selected as preddefined Rsa(rsa-g2-3des-sha sig), so what will I do on paloalto ?
Thanks.
02-12-2016 07:44 AM
Hi Mathsss,
I would advise you review this article in conjunction with what you currently have configured. That way you can match up the settings with those of the peer.
https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-IPSec-VPN/ta-p/56535
hope this helps!,
Ben
02-12-2016 08:35 AM
Hello,
Here are a couple of other articles that may help out.
Regards,
02-12-2016 11:03 AM
Thanks.but nothing related to my question here.
02-12-2016 11:04 AM
Thanks but not any word about rsa here.
02-14-2016 04:49 AM
Based on what I know, PAN does not use RSA keys to sign tunnels, which the SSG appears to be doing. Unfortunately you have no choice but to modify those settings. I would recommend using the most secure settings possible in order to appease your stakeholders.
Take care,
AK
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
