Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Palo alto Active/passive HA on azure with IPsec VPN tunnel

L0 Member



I am deploying an Active/Passive Palo Alto HA VM's on Azure with an external and internal loadbalancer topology (picture below), I know that the NAT is done by the public Loadbalancer so no need for public IP address on the VM's interfaces so need for public IP on interfaces for this purpose, but i need to set a VPN IPsec connections between my PA-VM's and other sites, so how would I configure the VPN IPsec tunnels, should I put the Public IP of the loadBalancer on the peer IP or the private IP of the VM's or should I literally configure my PA-VM's with Public IP on external interfaces.


I am really blocked with this point, if anyone could help i will be really grateful.


Question forum palo ip public optimized.PNGThank you in advance



Who Me Too'd this topic