01-29-2024 09:44 PM
Dear Team,
I want to deploy Palo Alto 2 - VM-300 with integration of GWLB on AWS. Both will be active and passing the traffic.
However, I have referred to Palo Alto documents with two-arm mode and one-arm mode.
I will be having IPsec connectivity with (on-prem DC). In this case, how will this work?
on prem user >>> IPsec >>> AWS PA (Network VPC) >>> server in (Prod VPC)
Please let me know the detailed flow and how to achieve this. Are there any documents or articles which describe this type of flow?
Regards,
01-30-2024 07:18 PM
Hi @Doyenadmin
The reference architecture design and deployment guides at AWS - Palo Alto Networks have all the answers you need - I recommend reading the design guide first to get an understanding of how the AWS components integrate, and what options are available to suit your needs. They also contain detailed flow diagrams, features and concepts specific to AWS deployments and links to automation libraries to help expedite your build or run a PoC.
As a general rule, use AWS services to terminate IPsec (Virtual Private Gateway, Transit Gateway VPN attachment) and only use the firewalls if required by design e.g. part of your multi-cloud or SDWAN deployment.