- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
09-17-2020 06:08 AM
Hello!
I setup IPsec tunnel between palo alto and mikrotik.
I found an example here.
I did everything step by step 1-13(see below)
I have PAlo alto version 9.1.3-h and Router os ver. 6.43.13.
phase 2 doesn’t work. How to befriend these devices? Help me.
Config PALO Alto
1.Create a new interface and add address (gateway default for tunnel in Virtual Router).
2.New Zone security
3. Setup Phase 1 (it is IKE Crypto & IKE Gateway)
4. Phase 2 (profile incryption)
5.setup Ipsec Tunnels
6.In virtual gateway we need add network.
7.Rules of security. first of allow connect and second rule allow traffic throw tunnel.
Config Mikrotik.
8.Access to network throw tunnel (without NAT)
9.Allow ports 500 and 4500.
10.Politics IPSec
11.Peer profile
12.Politics.
13.Setup Peer.