Setting up an IPSEC VPN Tunnel on AWS.. Connects but no traffic..

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Setting up an IPSEC VPN Tunnel on AWS.. Connects but no traffic..

L2 Linker

Hello everyone. I am having an issue setting up a VPN from my Palo to my AWS Palo and was hoping someone can help. I did look at other AWS VPN issue but all i saw was issues with aws. This is something else. I have the tunnel up and established but traffic is not working. I see traffic leaving my palo over the correct tunnel interface but it gets lost somewhere along the way. Since I cannot see the encrypted tunnel traffic I have no clue if the aws palo is getting it. 

 

I followed the Palo alto instructions for doing this which isnt much different than setting up a normal ipsec tunnel. The palo guide says to use NAT Traveral option in the IKE gateway which I have tried with no luck. By all rights it should be wotking. Any suggestions?

3 REPLIES 3

L0 Member

Hello,

    Do you see the VPN Phase 1 & 2 up and traffic counters incrementing? 

PCNSE

Cyber Elite
Cyber Elite

Hello,

If both phase 1 &2 are up, its probably the ACL firewall on AWS that is preventing the traffic.

 

Regards,

L4 Transporter

@scottoliver  , You need to check route table on AWS side to make sure it is pointing to correct VGW.

 

Do you see packets getting encrypted on palo alto side ?

SD-WAN | Cloud Networking | PCNSE | ICSI CNSS | MCNA | | CCNP | CCSA | SPSP | SPSX | F5-101 |
  • 6665 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!