• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 696
  • Last Modified:

Microsoft Azure Site-to-Site VPN with Palo Alto

Hello Experts,

I'm trying to build a Microsoft Azure site-to-site vpn where the local end device is a Palo Alto Networks firewall.

I have been trying to follow the example shown here ....

https://live.paloaltonetworks.com/t5/Integration-Articles/Configuring-IKEv2-VPN-for-Microsoft-Azure-Environment/ta-p/60340

But I'm not having any luck establishing a connection.

Has anyone successfully established a connection with a Palo Alto firewall?

Kind regards

Carlton
0
Member_2_7966113
Asked:
Member_2_7966113
  • 2
1 Solution
 
Member_2_7966113Author Commented:
Hello Experts,

I have managed to establish a connection in Microsoft Azure, see image, however the Tunnel won't come up in Palo Alto, but IKE is up

( description contains 'IKEv2 child SA negotiation is failed as initiator, non-rekey. Failed SA: 64.187.124.5[500]-13.89.33.31[500] message id:0x00000107. Error code 111' )

Can someone please shed some light on the problem?

Cheers
azure.png
paloalto.png
0
 
Istvan KalmarCommented:
Check the routing table of devices between the firewalls.  A route table entry may need to be added or removed to provide proper network connectivity.
0
 
Member_2_7966113Author Commented:
Hi Istvan, Thanks for responding

Cheers
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now