Get Started with IPSec VPN (Site-to-Site)
Learn how the Palo Alto Networks IPSec VPN service can help establish a secure
connection between two or more sites.
| Where Can I Use This? | What Do I Need? |
|---|
A VPN connection provides secure access to information between two or more sites. To
provide secure access to resources and reliable connectivity, a VPN connection needs the
following components: IKE gateway, tunnel interface, tunnel monitoring, Internet Key
Exchange (IKE) for VPN, and IKEv2.
Plan Your IPSec VPN Tunnel Setup
Before you set up an IPSec tunnel, it's important that you decide the following
factors and plan your IPSec tunnel set up successfully.
- Decide on Type of VPN: Site-to-Site or Remote Access
The site-to-site
VPN allows using the IPSec security method to create an encrypted tunnel
from one customer network to a remote site of the customer. However, the
remote access VPN allows individual users to connect to a private network to
access its services and resources.
- Select a Security Method for your VPN
In site-to-site VPN,
the IPSec security method is used to create an encrypted tunnel from one
customer network to a remote site of the customer.
In remote
access VPN, individual users are connected to the private network.
- Decide on your VPN Client
The site-to-site VPN does not need setup on
each client. Remote access VPN may or may not need setup on each
client.
- Decide on your VPN Tunnel Setup
The site-to-site VPN does not require
every user to initiate the VPN tunnel setup. Remote access VPN requires
every remote access user to initiate the VPN tunnel setup.
- Decide on your Security Technology
While site-to-site VPN supports
IPSec technology, Remote access VPN supports SSL as well as IPSec
technology.
- Decide if you wish Single or Multiple Users on your VPN
In site-to-site
VPN, multiple users are not allowed; In remote access VPN, however, multiple
users are allowed.
