Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
493
Views
0
Helpful
1
Replies

Need help with DMVPN through firewall

orlandoramos1
Level 1
Level 1

‎04-30-2019 02:43 PM

Greetings,

 

I was hoping if someone here could help me with some configuration information on how I can pass through traffic for our DMVPN traffic through our Palo Alto P3020 firewall.

 

Cheers,

 

Orlando Ramos

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎04-30-2019 11:13 PM - edited ‎04-30-2019 11:13 PM

As Long as Palo have FW rules to allow below Traffic along with Intresting IP address. 

 

Depending on the crypto and DMVPN headend or branch placements, the following protocols and ports are required to be allowed:

•UDP Port 500—ISAKMP as source and destination

•UDP Port 4500—NAT-T as a destination

•IP Protocol 50—ESP

•IP Protocol 51—AH (if AH is implemented)

•IP Protocol 47—GRE

•Routing protocol   << -- depends on what IGP you using 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card