Get Started with IPSec VPN (Site-to-Site)
Focus
Focus
Network Security

Get Started with IPSec VPN (Site-to-Site)

Table of Contents

Get Started with IPSec VPN (Site-to-Site)

Learn how the Palo Alto Networks IPSec VPN service can help establish a secure connection between two or more sites.
Where Can I Use This?What Do I Need?
  • Prisma Access
  • PAN-OS
No license required
A VPN connection provides secure access to information between two or more sites. To provide secure access to resources and reliable connectivity, a VPN connection needs the following components: IKE gateway, tunnel interface, tunnel monitoring, Internet Key Exchange (IKE) for VPN, and IKEv2.
Before you plan your IPSec VPN tunnel setup, its important you learn about:

Plan Your IPSec VPN Tunnel Setup

Before you set up an IPSec tunnel, it's important that you decide the following factors and plan your IPSec tunnel set up successfully.
  1. Decide on Type of VPN: Site-to-Site or Remote Access
    The site-to-site VPN allows using the IPSec security method to create an encrypted tunnel from one customer network to a remote site of the customer. However, the remote access VPN allows individual users to connect to a private network to access its services and resources.
  2. Select a Security Method for your VPN
    In site-to-site VPN, the IPSec security method is used to create an encrypted tunnel from one customer network to a remote site of the customer.
    In remote access VPN, individual users are connected to the private network.
  3. Decide on your VPN Client
    The site-to-site VPN does not need setup on each client. Remote access VPN may or may not need setup on each client.
  4. Decide on your VPN Tunnel Setup
    The site-to-site VPN does not require every user to initiate the VPN tunnel setup. Remote access VPN requires every remote access user to initiate the VPN tunnel setup.
  5. Decide on your Security Technology
    While site-to-site VPN supports IPSec technology, Remote access VPN supports SSL as well as IPSec technology.
  6. Decide if you wish Single or Multiple Users on your VPN
    In site-to-site VPN, multiple users are not allowed; In remote access VPN, however, multiple users are allowed.