In this lab will show how to create IPsec VPN tunnel between palo Alto and Pfsense Firewall.
PaloAlto configuration;
1- Interface configuration
2- Tunnel interface configuration
3- IKE Gateways
4- IPSec Crypto
5- IKE Crypto
Verify
Pfsense configuration :
1- Create Tunnels interface from VPN>>> IPsec>>Tunnels
Remote Gateway : Palo Alto WAN IP
Local Subnet: pfsense LAN Network
Remote Subnet : Palo Alto LAN Network.
P2 protocol : ESP
P2 Transforms : 3DES
P2 Auth : MD5
2- Add policy to allow traffic on WAN interface : Firewall >> Rules >> WAN
3- Add policy to allow traffic on LAN interface : Firewall >> Rules >> LAN
4- Add policy to allow traffic on IPsec interface : Firewall >> Rules >> IPsec
5- Create static router : System >> Routing >> Static Routes
PaloAlto configuration;
1- Interface configuration
2- Tunnel interface configuration
3- IKE Gateways
4- IPSec Crypto
5- IKE Crypto
Verify
Pfsense configuration :
1- Create Tunnels interface from VPN>>> IPsec>>Tunnels
Remote Gateway : Palo Alto WAN IP
Local Subnet: pfsense LAN Network
Remote Subnet : Palo Alto LAN Network.
P2 protocol : ESP
P2 Transforms : 3DES
P2 Auth : MD5
2- Add policy to allow traffic on WAN interface : Firewall >> Rules >> WAN
3- Add policy to allow traffic on LAN interface : Firewall >> Rules >> LAN
4- Add policy to allow traffic on IPsec interface : Firewall >> Rules >> IPsec
5- Create static router : System >> Routing >> Static Routes
0 Comments