Palo Alto Lesson: 10.10 Lab Site-to-Site VPN
After you complete this lesson, you should be able to:
Describe the three basic requirements for creating a VPN
Configure the interface, IP addresses, and PSK for the IKE Gateway
Configure the DH group, encryption methods, and authentication methods for an IKE Cryptographic Profile
Configure a static route in the route table for the tunnel
Troubleshoot your IPsec VPN issues from the responder side of the VPN tunnel
Пікірлер: 33
Great video, easy to follow and understand all steps. THANK you!
Thank you for the video, very nicely explained
OK, that was really interesting. Thank you. You've got me hooked!
@AstritKrasniqi
3 жыл бұрын
Thank you Alexandra,
Great video!! thanks!
Thank you for this video❤
Thank you very much.. it clear
amazing video: thanks
Great work Shqipe!!!
@AstritKrasniqi
3 жыл бұрын
faleminderit
Great content. Is it possible to reproduce this lab on EVE-NG? Do you have a step-by-step tutorial on how to implement it?
Waiting for more videos..🙏🙏🙏
so does the FW need a route to point traffic for the far side to the tunnel interface or will it automatically inject that to routing based on the remote side proxy id ?
Nicely explained
@AstritKrasniqi
3 жыл бұрын
Thanks for liking
Hi, got one question what if there are multiple subnet advertised on both side. We need to do any special configuration or use ikev2 or anything?
Your a great instructor, so clear and well laid out. Just a question but is this particular subject covered in the PCNSA?
@AstritKrasniqi
3 жыл бұрын
Thank you for your great comment, yes, the PCNSA exam covers this subject.
@sa7038
3 жыл бұрын
@@AstritKrasniqi Strange that the new PCNSA study guide makes no mention of this, perhaps it is now not included since the new revision last year.
Thanks
@AstritKrasniqi
3 жыл бұрын
No problem
Is there a video on how to nat the local ips to hide them?
Very nice video...
@AstritKrasniqi
3 жыл бұрын
Thank you! Cheers!
Nice
we no need to add static route and security policy for this? Because in some videos they are adding these two which making me confuse..
did you make your lab in gns3 or eve-ng to connect all the vm?
what of there's a router between them?
Hello Astrit. Can you just advise on where do we get those Tunnel IP addresses. I see they are private so maybe we choose them by ourselves? Thanks in advance.
@AstritKrasniqi
3 жыл бұрын
Private addresses chosen from a random private range
What if there's a router between them?
Worst explanation and clearly incomplete. You should then specify (no traffic across tunnel in your label so we don't waist our time) as clearly you didn't define any interesting traffic or you didn't do anything to pass any traffic across the tunnels.
@AstritKrasniqi
2 жыл бұрын
This explanation covers all topics in depth for the PCNSA exam, and I adhere to the Palo Alto curriculum. If you're viewing these videos to learn how to set up a Site to Site VPN for work, you should probably employ a professional rather than trying to learn it on KZread. So, if you want to observe how traffic moves from one site to another, take a look at the PCNSE course.