IP 1.1.1.1 is configured on the Cisco ASA firewall and 2.2.2.2 is configured on the Palo Alto Firewall as shown below:Īs you noticed, the LAN subnet 192.168.1.0/24 is connected with Cisco ASA and on the other hand, the LAN subnet 192.168.2.0/24 is connected with the Palo Alto Firewall. In this example, I’m using two routable IP addresses on both Palo Alto and Cisco ASA firewalls, which are reachable from each other. Scenario – IPSec Tunnel between Cisco ASA and Palo Alto FirewallĪs already discussed, you must need static routable IP on both Palo Alto and Cisco ASA firewalls. Analyzing the IPSec traffic through the Wireshark.Troubleshooting IPSec tunnel on Palo Alto Firewall.Troubleshooting IPSec tunnel on the Cisco ASA Firewall.Troubleshooting the IPSec tunnel – PA & ASA.Initiating the IPSec tunnel and verify the traffic using Wireshark.Configuring the Crypto MAP and Extended ACL to allows IPSec traffic on Cisco ASA.Configuring the Tunnel Group and Pre-Shared Key on Cisco ASA.
Configuring the Phase1 (IKEv1) on Cisco ASA.Steps to configure IPSec Tunnel in Cisco ASA Firewall.Configuring Route for Peer end Private Network.Creating the Security Policy for IPSec Tunnel Traffic.Creating a Tunnel Interface on Palo Alto Firewall.Creating a Security Zone on Palo Alto Firewall.Steps to configure IPSec Tunnel on Palo Alto Firewall.Scenario – IPSec Tunnel between Cisco ASA and Palo Alto Firewall.
0 kommentar(er)
