An NGFW from Palo Alto Networks, which was among the first vendors to offer.
Gonna leave it up cause there's some great tips here. The firewall remains a core fixture in traditional network security. Super weird crap, but probably not Palo's fault.
I'll probably open a case with Palo support, but I figured IPSEC passthrough must not be uncommon, and was hoping someone had an idea of how to fix this?

Edit: Honestly, looking into this in more detail, at this point I think it's probably either user error or something weird going on at Layer 2/3, not firewall related.

Looking at logs and captures, as far as I can tell the IKE traffic goes like this:

The tunnels appear to be torn down by the Palo, here's the relevant article:

Another article appears to show a solution, but only for a static tunnel, not a remote-access server like the client appears to be setting up:

How to verify if the VPN Passthrough feature is enabled on a Linksys Wireless-N router Port Forwarding / (IPSec), 50, 21 / (500) PPTP, 1723 L2TP, 1701.

I have a client setting up a VPN server in our DMZ for communication with outside clients. The VLAN and the associated interface define the network connectivity to SSL Orchestrator from the inline security device. I looked through this sub but didn't see a similar issue posted.