?
Solved

Microsoft Azure Site-to-Site VPN with Palo Alto

Posted on 2016-10-27
3
Medium Priority
?
477 Views
Last Modified: 2016-11-03
Hello Experts,

I'm trying to build a Microsoft Azure site-to-site vpn where the local end device is a Palo Alto Networks firewall.

I have been trying to follow the example shown here ....

https://live.paloaltonetworks.com/t5/Integration-Articles/Configuring-IKEv2-VPN-for-Microsoft-Azure-Environment/ta-p/60340

But I'm not having any luck establishing a connection.

Has anyone successfully established a connection with a Palo Alto firewall?

Kind regards

Carlton
0
Comment
Question by:Member_2_7966113
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 1

Author Comment

by:Member_2_7966113
ID: 41864088
Hello Experts,

I have managed to establish a connection in Microsoft Azure, see image, however the Tunnel won't come up in Palo Alto, but IKE is up

( description contains 'IKEv2 child SA negotiation is failed as initiator, non-rekey. Failed SA: 64.187.124.5[500]-13.89.33.31[500] message id:0x00000107. Error code 111' )

Can someone please shed some light on the problem?

Cheers
azure.png
paloalto.png
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 2000 total points
ID: 41864699
Check the routing table of devices between the firewalls.  A route table entry may need to be added or removed to provide proper network connectivity.
0
 
LVL 1

Author Closing Comment

by:Member_2_7966113
ID: 41872919
Hi Istvan, Thanks for responding

Cheers
0

Featured Post

Get proactive database performance tuning online

At Percona’s web store you can order full Percona Database Performance Audit in minutes. Find out the health of your database, and how to improve it. Pay online with a credit card. Improve your database performance now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import an Outlook PST file to Office 365 using a third party product to avoid Microsoft's Azure command line tool, saving you time.
This program is used to assist in finding and resolving common problems with wireless connections.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question