Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Point to site VPN on pan 0S 11+ (Client to remote VPN server)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Point to site VPN on pan 0S 11+ (Client to remote VPN server)

L2 Linker

I remember reading some where Palo Alto firewalls works like a client to access remote VPN servers 

 

eg I can setup the PALO to access a OpenVPN server and give access to user on my palo managed local network to access that remote resource, than user installing the OpenVPN application on their computer and connecting. 

 

Hope I'm making any sense. all I need is a location on the Palo docs I can't seems to find it. I pretty sure I read that, 

 

Thank you in advance 

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

the palo firewall can only connect to a peer using traditional IPSec connections, it cannot act as a P2S client

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

View solution in original post

3 REPLIES 3

Cyber Elite
Cyber Elite

OpenVPN users are able to connect to a GlobalProtect gateway as a 3rd party vpn client

The Palo firewall cannot connect to openvpn as it (openvpn) does not support IPSec

 

if your users need to connect to an openvpn server, you'll need to set a security rule allowing these connections from the users to the remote server

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

L2 Linker

Thank you forget the openvpn server I said that as an example. 

If the  end vpn-server  supports  IPSec connection then can I use Palo to connect ? like azure point to site VPN ? I want to know where you configure this setting. 

 

All the docs  I find are for site to site connection 

Cyber Elite
Cyber Elite

the palo firewall can only connect to a peer using traditional IPSec connections, it cannot act as a P2S client

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 1 accepted solution
  • 935 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!