Thursday, July 16, 2020

Palo Alto to Cisco ISR4451 Ikev2

We used to have an IKEV2 tunnel from an ISR 4451 to a Cisco FTD but have since decommed the FTD and are trying to re-establish the tunnel to a Palo Alto.

With the FTD, we didnt need a virtual tunnel interface on the router and were able to complete the connection just using a crypto map on the exit interface. We have modified the IPs in the crypto map for the new peer address but no dice.

My Question:

Do you need a virtual tunnel interface on the router when trying to accomplish this between a Cisco ISR and Palo Alto Firewall



No comments:

Post a Comment