Lompat ke konten Lompat ke sidebar Lompat ke footer
Beranda / PaloAlto | VPN IPSec Site to Site

PaloAlto | VPN IPSec Site to Site

Oleh Hasugian Posting Komentar









FW-PA-01
Setting Zone







Setting IP Interface Ethernet









Setting InterfaceTunnel (buat tunnel.2)








Setting IKE Crypto
















Setting IPSec Crypto
















Setting IKE Gateways
















Pindah  ke TAB Advanced..




 

Setting IPSec Tunnel















Pindah ke TAB Proxy












Routing Static (tunnel route dan default route)











Firewall Rules Policy







Lakuka hal yg sama pada firewall FW-PA-02. Konseptnya sama, hanya yg beda adalah di IKE Gateways di Local IP Address,  Peer Address, Local Identification dan Peer Identification.  IPSec Tunnel: Proxy IP nya dibalik (disesuaikan) juga routingan tunnel.

Testing dan Monitoring



















Monitor Traffic









Verifikasi IPSec Tunnel
> show vpn flow name <tunnel name
 > show vpn ipsec-sa tunnel <tunnel name>
------------------------------------------------------
Sukses....!!!
IPSec Tunnel | Palo Alto Firewall
VPN IPSEC
PaloAlto | VPN IPSec Site to Site

Posting Komentar untuk "PaloAlto | VPN IPSec Site to Site"

Posting Komentar