Tuesday, October 5, 2021

IPSec Tunnel on Azure Palo Firewall

I know that Azure does not support GRE tunnels and that is not an option.

I need to be able to make an IPSec IKEv2 connection from a Palo host in Azure to Zscaler.

Eth1 has a public IP address attached to the NIC in the Azure portal.

I understand that Azure handles the NAT of the private IP of the eth1 interface to the attached public IP.

My security policy is fine.

However, I am still getting a connection timed out. My NAT policy is being hit, but I am not getting a response. It may be ZIA that has the issue or I configured something wrong there.

Curious to see if anyone has had to do this.


