03-19-2019 03:06 AM
Hi @reaper
Do palo alto support SVTI like Cisco.
SVTI configurations can be used for site-to-site connectivity in which a tunnel provides always-on access between two sites. The advantage of using SVTIs as opposed to crypto map configurations is that users can enable dynamic routing protocols on the tunnel interface without the extra 4 bytes required for GRE headers, thus reducing the bandwidth for sending encrypted data.
Regards
Venky
03-19-2019 04:28 AM
What you describe is the transition for Cisco from GRE based tunnels to IPSec based tunnels (this happened somewhere around 2004)
Our default VPN is IPSec based and uses virtual tunnel interfaces
In PAN-OS 9.0 we added GRE support to be backward compatible to pre-ipsec devices 😉
03-19-2019 04:28 AM
What you describe is the transition for Cisco from GRE based tunnels to IPSec based tunnels (this happened somewhere around 2004)
Our default VPN is IPSec based and uses virtual tunnel interfaces
In PAN-OS 9.0 we added GRE support to be backward compatible to pre-ipsec devices 😉
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
