Large Scale VPN (LSVPN)
The GlobalProtect Large Scale VPN (LSVPN) feature on the Palo Alto Networks next-generation firewall simplifies the deployment of traditional hub and spoke VPNs, enabling you to quickly deploy enterprise networks with several branch offices with a minimum amount of configuration required on the remote satellites. This solution uses certificates for firewall authentication and IPSec to secure data.
LSVPN enables site-to-site VPNs between Palo Alto Networks firewalls. To set up a site-to-site VPN between a Palo Alto Networks firewall and another device, see VPNs.
The following topics describe the LSVPN components and how to set them up to enable site-to-site VPN services between Palo Alto Networks firewalls:
- LSVPN Overview
- Create Interfaces and Zones for the LSVPN
- Enable SSL Between GlobalProtect LSVPN Components
- Configure the Portal to Authenticate Satellites
- Configure GlobalProtect Gateways for LSVPN
- Configure the GlobalProtect Portal for LSVPN
- Prepare the Satellite to Join the LSVPN
- Verify the LSVPN Configuration
- LSVPN Quick Configs
LSVPN Overview GlobalProtect provides a complete infrastructure for managing secure access to corporate resources from your remote sites. This infrastructure includes the following components: GlobalProtect ...
GlobalProtect Portal for LSVPN Prerequisite Tasks
GlobalProtect Portal for LSVPN Prerequisite Tasks Before configuring the GlobalProtect portal, you must complete the following tasks: Create Interfaces and Zones for the LSVPN on ...
VPN Deployments The Palo Alto Networks firewall supports the following VPN deployments: Site-to-Site VPN — A simple VPN that connects a central site and a ...
Advanced LSVPN Configuration with iBGP
Advanced LSVPN Configuration with iBGP This use case illustrates how GlobalProtect LSVPN securely connects distributed office locations with primary and disaster recovery data centers that ...
VPNs Virtual private networks (VPNs) create tunnels that allow users/systems to connect securely over a public network, as if they were connecting over a local ...
Keys and Certificates
Keys and Certificates To ensure trust between parties in a secure communication session, Palo Alto Networks firewalls and Panorama use digital certificates. Each certificate contains ...
Configure GlobalProtect Gateways for LSVPN
Configure GlobalProtect Gateways for LSVPN Because the GlobalProtect configuration that the portal delivers to the satellites includes the list of gateways the satellite can connect ...
Deploy GlobalProtect Gateways on AWS
Deploy GlobalProtect Gateways on AWS To secure mobile users, in addition to deploying and configuring the GlobalProtect gateways on AWS, you need to set up ...
Create Interfaces and Zones for the LSVPN
Create Interfaces and Zones for the LSVPN You must configure the following interfaces and zones for your LSVPN infrastructure: GlobalProtect portal —Requires a Layer 3 ...