{"id":522,"date":"2022-04-30T15:25:24","date_gmt":"2022-04-30T19:25:24","guid":{"rendered":"https:\/\/pressbooks.bccampus.ca\/paloalto\/?post_type=chapter&#038;p=522"},"modified":"2023-11-22T14:46:07","modified_gmt":"2023-11-22T19:46:07","slug":"ipsec-vpn-palo-alto-on-prem-azure","status":"publish","type":"chapter","link":"https:\/\/pressbooks.bccampus.ca\/paloalto\/chapter\/ipsec-vpn-palo-alto-on-prem-azure\/","title":{"raw":"4.1 IPsec VPN between Palo Alto on Premise and Microsoft Azure","rendered":"4.1 IPsec VPN between Palo Alto on Premise and Microsoft Azure"},"content":{"raw":"<div class=\"textbox textbox--learning-objectives\"><header class=\"textbox__header\">\r\n<p class=\"textbox__title\">Learning Objectives<\/p>\r\n\r\n<\/header>\r\n<div class=\"textbox__content\">\r\n<ul>\r\n \t<li>Configure a Virtual Network in Microsoft Azure<\/li>\r\n \t<li>Set up and configure the Azure VPN Gateway for IPsec VPN<\/li>\r\n \t<li>Implement Network Security Groups (NSGs) in Azure for traffic control<\/li>\r\n \t<li>Monitor and troubleshoot IPsec VPN connections on Palo Alto<\/li>\r\n<\/ul>\r\n<\/div>\r\n<\/div>\r\n<div class=\"textbox shaded\"><strong>Scenario<\/strong>: We are going to connect on-premise Palo Alto to Azure Virtual Gateway. This is going to be IPsec VPN between Palo Alto and Azure. First, we'll configure Azure and then connect Palo Alto through Port1 to Azure Virtual Gateway.<\/div>\r\n\r\n[caption id=\"attachment_606\" align=\"aligncenter\" width=\"1173\"]<img class=\"wp-image-606 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176.png\" alt=\"Site-to-Site VPN between Palo Alto on-prem and Microsoft Azure\" width=\"1173\" height=\"541\" \/> Figure 4.1: Main scenario[\/caption]\r\n<h2 style=\"page-break-before: always;\">Azure Configuration<\/h2>\r\n<ol>\r\n \t<li>Create a resource group in Azure as follows:\r\n<ul>\r\n \t<li><strong>Resource group:<\/strong> Pal<\/li>\r\n \t<li><strong>Region:<\/strong> West US<\/li>\r\n<\/ul>\r\n[caption id=\"attachment_554\" align=\"aligncenter\" width=\"1103\"]<img class=\"wp-image-554 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131.png\" alt=\"Step1-Create a resource group\" width=\"1103\" height=\"382\" \/> Figure 4.2: Create a resource group[\/caption]\r\n\r\n[caption id=\"attachment_555\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-555\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132.png\" alt=\"Step 2- create a resource group\" width=\"500\" height=\"400\" \/> Figure 4.3: Create a resource group[\/caption]\r\n\r\n[caption id=\"attachment_556\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-556\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133.png\" alt=\"Step3- create a resource group\" width=\"500\" height=\"485\" \/> Figure 4.4: Create a resource group[\/caption]<\/li>\r\n \t<li>Create a virtual network as follows:\r\n<ul>\r\n \t<li><strong>Resource group:<\/strong> Pal<\/li>\r\n \t<li><strong>Name:<\/strong> Azure-Pal<\/li>\r\n \t<li><strong>Region:<\/strong> West US<\/li>\r\n \t<li><strong>Change the default subnet:<\/strong> 10.0.1.0\/24<\/li>\r\n<\/ul>\r\n[caption id=\"attachment_559\" align=\"aligncenter\" width=\"1072\"]<img class=\"wp-image-559 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134.png\" alt=\"Step1- create a virtual network\" width=\"1072\" height=\"809\" \/> Figure 4.5: Create a virtual network[\/caption]\r\n\r\n[caption id=\"attachment_561\" align=\"aligncenter\" width=\"1880\"]<img class=\"wp-image-561 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135.png\" alt=\"Step2- create a virtual network(Change default subnet)\" width=\"1880\" height=\"854\" \/> Figure 4.6: Create a virtual network (Change default subnet)[\/caption]\r\n\r\n[caption id=\"attachment_833\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-833 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/htalebi\/wp-content\/uploads\/sites\/1634\/2022\/04\/ScreenShot00085-1.jpg\" alt=\"Step3- create a virtual network\" width=\"500\" height=\"841\" \/> Figure 4.7: Create a virtual network[\/caption]\r\n\r\n[caption id=\"attachment_834\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-834 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/htalebi\/wp-content\/uploads\/sites\/1634\/2022\/04\/ScreenShot00086-1.jpg\" alt=\"Step4- create a virtual network\" width=\"500\" height=\"825\" \/> Figure 4.8: Create a virtual network[\/caption]\r\n\r\n[caption id=\"attachment_562\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-562\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00136.png\" alt=\"Step5- create a virtual network\" width=\"500\" height=\"677\" \/> Figure 4.9: Create a virtual network[\/caption]<\/li>\r\n \t<li style=\"page-break-before: always;\">Create a virtual network gateway as following:\r\n<ul>\r\n \t<li><strong>Name:<\/strong> Azure-VPN-Pal<\/li>\r\n \t<li><strong>Region:<\/strong> West US<\/li>\r\n \t<li><strong>Generation:<\/strong> Generation1<\/li>\r\n \t<li><strong>Gateway subnet address range:<\/strong> 10.0.0.0\/24<\/li>\r\n \t<li><strong>Public IP address name:<\/strong> AzurePublic<\/li>\r\n<\/ul>\r\nClick on Create and Review. It takes around <strong>25<\/strong> minutes to deploy a virtual network gateway in Azure.\r\n\r\n[caption id=\"attachment_564\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-564\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137.png\" alt=\"Step1- create a virtual network gateways\" width=\"500\" height=\"219\" \/> Figure 4.10: Create a virtual network gateway[\/caption]\r\n\r\n[caption id=\"attachment_565\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-565\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00138.png\" alt=\"Step 2- create a virtual network gateway\" width=\"500\" height=\"677\" \/> Figure 4.11: Create a virtual network gateway[\/caption]\r\n\r\n[caption id=\"attachment_566\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-566\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139.png\" alt=\"Step3- create a virtual network gateway\" width=\"500\" height=\"389\" \/> Figure 4.12: Create a virtual network gateway[\/caption]\r\n\r\n[caption id=\"attachment_567\" align=\"aligncenter\" width=\"400\"]<img class=\"wp-image-567\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140.png\" alt=\"Step4- create a virtual network gateway\" width=\"400\" height=\"421\" \/> Figure 4.13: Create a virtual network gateway[\/caption]\r\n\r\n[caption id=\"attachment_569\" align=\"aligncenter\" width=\"1317\"]<img class=\"wp-image-569 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141.png\" alt=\"Step 5- create a virtual network gateway( Deployment)\" width=\"1317\" height=\"354\" \/> Figure 4.14: Create a virtual network gateway (deployment)[\/caption]\r\n\r\n[caption id=\"attachment_579\" align=\"aligncenter\" width=\"1075\"]<img class=\"wp-image-579 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150.png\" alt=\"Step 6- Deployment of virtual network gateway\" width=\"1075\" height=\"319\" \/> Figure 4.15: Deployment of virtual network gateway[\/caption]<\/li>\r\n \t<li style=\"page-break-before: always;\">Create a local network gateway as follows:\r\n<ul>\r\n \t<li><strong>Resource Group:<\/strong> Pal<\/li>\r\n \t<li><strong>Region:<\/strong> West US<\/li>\r\n \t<li><strong>Name:<\/strong> PaloAlto<\/li>\r\n \t<li><strong>IP Address:<\/strong> IP_Address_of_Port1_FortiGate(On Prem)<\/li>\r\n \t<li><strong>Address Space:<\/strong> IP_Address_LocalNetwork<\/li>\r\n<\/ul>\r\n[caption id=\"attachment_580\" align=\"aligncenter\" width=\"400\"]<img class=\"wp-image-580\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151.png\" alt=\"Step 1- create a local network gateway\" width=\"400\" height=\"172\" \/> Figure 4.16: Create a local network gateway[\/caption]\r\n\r\n[caption id=\"attachment_581\" align=\"aligncenter\" width=\"400\"]<img class=\"wp-image-581\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152.png\" alt=\"Step 2- create a local network gateway\" width=\"400\" height=\"303\" \/> Figure 4.17: Create a local network gateway[\/caption]\r\n\r\n[caption id=\"attachment_582\" align=\"aligncenter\" width=\"400\"]<img class=\"wp-image-582\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153.png\" alt=\"Step 3- create a local network gateway (Review + create)\" width=\"400\" height=\"395\" \/> Figure 4.18: Create a local network gateway (review + create)[\/caption]\r\n\r\n[caption id=\"attachment_583\" align=\"aligncenter\" width=\"819\"]<img class=\"wp-image-583\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00154.png\" alt=\"Step 4- Verify local network gateway deployment\" width=\"819\" height=\"237\" \/> Figure 4.19: Verify local network gateway deployment[\/caption]<\/li>\r\n \t<li style=\"page-break-before: always;\">Go to Virtual network gateway and create a connection in <strong>Virtual network gateways &gt; Azure-VPN-Pal &gt; connections &gt; Add<\/strong>\r\n\r\n[caption id=\"attachment_585\" align=\"aligncenter\" width=\"250\"]<img class=\"wp-image-585\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155.png\" alt=\"Connection configuration\" width=\"250\" height=\"468\" \/> Figure 4.20: Connection configuration[\/caption]\r\n\r\nBased on the Microsoft article <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/vpn-gateway\/vpn-gateway-about-compliance-crypto\">\u201cAbout cryptographic requirements and Azure VPN gateways\u201d<\/a>, by default, integrity is SHA384, SHA256, SHA1, MD5, and encryption is AES256, AES192, AES128, DES3, DES. So, we'll select SHA1 and AES128 in FortiGate. After doing this step, you should receive a Public IP address in the Overview tab.\r\n\r\n[caption id=\"attachment_586\" align=\"aligncenter\" width=\"1539\"]<img class=\"wp-image-586 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156.png\" alt=\"Verify public IP address\" width=\"1539\" height=\"399\" \/> Figure 4.21: Verify the public IP address[\/caption]<\/li>\r\n<\/ol>\r\n<h2 style=\"page-break-before: always;\">Palo Alto Configuration<\/h2>\r\n<ol>\r\n \t<li>First, we'll configure Ports IP address.\r\n\r\n[caption id=\"attachment_571\" align=\"aligncenter\" width=\"652\"]<img class=\"wp-image-571\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00142.png\" alt=\"Ethernet 1\/1 Config\" width=\"652\" height=\"284\" \/> Figure 4.22: Ethernet 1\/1 Config[\/caption]\r\n\r\n[caption id=\"attachment_572\" align=\"aligncenter\" width=\"657\"]<img class=\"wp-image-572\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00143.png\" alt=\"Ethernet 1\/1 IPV4\" width=\"657\" height=\"364\" \/> Figure 4.23: Ethernet 1\/1 IPV4[\/caption]\r\n\r\n[caption id=\"attachment_573\" align=\"aligncenter\" width=\"666\"]<img class=\"wp-image-573\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144.png\" alt=\"Ethernet 1\/2 Config\" width=\"666\" height=\"299\" \/> Figure 4.24: Ethernet 1\/2 Config[\/caption]\r\n\r\n[caption id=\"attachment_574\" align=\"aligncenter\" width=\"668\"]<img class=\"wp-image-574\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00145.png\" alt=\"Ethernet 1\/2 IPv4\" width=\"668\" height=\"499\" \/> Figure 4.25: Ethernet 1\/2 IPv4[\/caption]\r\n\r\nThen, create a tunnel.\r\n\r\n[caption id=\"attachment_576\" align=\"aligncenter\" width=\"670\"]<img class=\"wp-image-576\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00146.png\" alt=\"Create a tunnel 1\" width=\"670\" height=\"236\" \/> Figure 4.26: Create a tunnel 1[\/caption]\r\n\r\n[caption id=\"attachment_577\" align=\"aligncenter\" width=\"691\"]<img class=\"wp-image-577\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00147.png\" alt=\"Verify Tunnel1\" width=\"691\" height=\"219\" \/> Figure 4.27: Verify Tunnel1[\/caption]\r\n\r\nThen, <strong>commit the configuration<\/strong>!<\/li>\r\n \t<li style=\"page-break-before: always;\">Create a static route to tunnel1 and ethernet1\/1 as following figures. Traffic related to <strong>10.0.0.0\/16<\/strong> should go through the tunnel. The rest of the traffic should go through the default Gateway.\r\n\r\n[caption id=\"attachment_598\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-598\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169.png\" alt=\" Create a static route to ethernet 1\/1\" width=\"500\" height=\"459\" \/> Figure 4.28: Create a static route to ethernet 1\/1[\/caption]\r\n\r\n[caption id=\"attachment_599\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-599\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170.png\" alt=\"Create a static route to tunnel.1\" width=\"500\" height=\"438\" \/> Figure 4.29: Create a static route to tunnel.1[\/caption]<\/li>\r\n \t<li style=\"page-break-before: always;\">Go to <strong>Network &gt; Network Profiles &gt; Create an IKE Crypto<\/strong>.\r\n\r\n[caption id=\"attachment_607\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-607\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177.png\" alt=\"Create an IKE Crypto Profile\" width=\"500\" height=\"270\" \/> Figure 4.30: Create an IKE Crypto Profile[\/caption]<\/li>\r\n \t<li>Go to <strong>Network &gt; Network Profiles &gt; Create an IPsec Crypto Profile<\/strong>.\r\n\r\n[caption id=\"attachment_609\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-609\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178.png\" alt=\" Create an IPSEC Crypto Profile\" width=\"500\" height=\"282\" \/> Figure 4.31: Create an IPsec Crypto Profile[\/caption]<\/li>\r\n \t<li style=\"page-break-before: always;\">Go to <strong>Network &gt; Network Profiles &gt; Create an IKE Crypto Gateways<\/strong>.\r\n\r\n[caption id=\"attachment_589\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-589\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157.png\" alt=\"Create an IKE Gateway\" width=\"500\" height=\"408\" \/> Figure 4.32: Create an IKE Gateway[\/caption]\r\n\r\n[caption id=\"attachment_590\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-590\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158.png\" alt=\"Select IKE Crypto Profile\" width=\"500\" height=\"307\" \/> Figure 4.33: Select IKE Crypto Profile[\/caption]<\/li>\r\n \t<li style=\"page-break-before: always;\">Go to <strong>Network &gt; IPsec Tunnels &gt; Add. <\/strong>Select the previous profile you have created as Figure 4.34.\r\n\r\n[caption id=\"attachment_591\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-591\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159.png\" alt=\"Create an IPSEC Tunnel\" width=\"500\" height=\"220\" \/> Figure 4.34: Create an IPsec Tunnel[\/caption]<\/li>\r\n \t<li>Create a firewall policy from LAN to VPN zone and from VPN to LAN.\r\n\r\n[caption id=\"attachment_611\" align=\"aligncenter\" width=\"1342\"]<img class=\"wp-image-611 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180.png\" alt=\"Create a security policy &quot;LAN-AZ&quot;\" width=\"1342\" height=\"468\" \/> Figure 4.35: Create a security policy \"LAN-AZ\"[\/caption]\r\n\r\n[caption id=\"attachment_593\" align=\"aligncenter\" width=\"1339\"]<img class=\"wp-image-593 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162.png\" alt=\"Create a security policy &quot;LAN-AZ&quot; - Select source zone as LAN\" width=\"1339\" height=\"518\" \/> Figure 4.36: Create a security policy \"LAN-AZ.\" Select the source zone as LAN.[\/caption]\r\n\r\n[caption id=\"attachment_610\" align=\"aligncenter\" width=\"1344\"]<img class=\"wp-image-610 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179.png\" alt=\"Create a security policy &quot;LAN-AZ&quot; - Select destination zone as VPN\" width=\"1344\" height=\"522\" \/> Figure 4.37: Create a security policy \"LAN-AZ.\" Select destination zone as VPN.[\/caption]\r\n\r\n[caption id=\"attachment_594\" align=\"aligncenter\" width=\"1342\"]<img class=\"wp-image-594 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163.png\" alt=\" Create a security policy &quot;AZ-LAN&quot;\" width=\"1342\" height=\"479\" \/> Figure 4.38: Create a security policy \"AZ-LAN\"[\/caption]\r\n\r\n[caption id=\"attachment_595\" align=\"aligncenter\" width=\"1345\"]<img class=\"wp-image-595 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164.png\" alt=\"Create a security policy &quot;AZ-LAN&quot; - Select source zone as VPN\" width=\"1345\" height=\"524\" \/> Figure 4.39: Create a security policy \"AZ-LAN.\" Select source zone as VPN.[\/caption]\r\n\r\n[caption id=\"attachment_596\" align=\"aligncenter\" width=\"1339\"]<img class=\"wp-image-596 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165.png\" alt=\"Create a security policy &quot;AZ-LAN&quot; - Select destination zone as LAN\" width=\"1339\" height=\"509\" \/> Figure 4.40: Create a security policy \"AZ-LAN.\" Select destination zone as LAN.[\/caption]\r\n\r\nDon't forget to commit the configuration!<\/li>\r\n<\/ol>\r\n<h2 style=\"page-break-before: always;\">Verify Connections<\/h2>\r\nIf you navigate to IPsec Tunnel, the status should be up.\r\n\r\n[caption id=\"attachment_600\" align=\"aligncenter\" width=\"1281\"]<img class=\"wp-image-600 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171.png\" alt=\"Verify IPSEC Tunnel\" width=\"1281\" height=\"260\" \/> Figure 4.41: Verify IPsec Tunnel[\/caption]\r\n\r\n[caption id=\"attachment_601\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-601\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172.png\" alt=\"Verify Connections in Azure\" width=\"500\" height=\"192\" \/> Figure 4.42: Verify connections in Azure[\/caption]\r\n\r\n[caption id=\"attachment_613\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-613\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174.png\" alt=\"Verify ping from Windows to webterm\" width=\"500\" height=\"188\" \/> Figure 4.43: Verify ping from Windows to webterm[\/caption]\r\n\r\n[caption id=\"attachment_614\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-614\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175.png\" alt=\"Verify ping from webterm to Windows in Azure\" width=\"500\" height=\"148\" \/> Figure 4.44: Verify ping from webterm to Windows in Azure[\/caption]","rendered":"<div class=\"textbox textbox--learning-objectives\">\n<header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n<li>Configure a Virtual Network in Microsoft Azure<\/li>\n<li>Set up and configure the Azure VPN Gateway for IPsec VPN<\/li>\n<li>Implement Network Security Groups (NSGs) in Azure for traffic control<\/li>\n<li>Monitor and troubleshoot IPsec VPN connections on Palo Alto<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\"><strong>Scenario<\/strong>: We are going to connect on-premise Palo Alto to Azure Virtual Gateway. This is going to be IPsec VPN between Palo Alto and Azure. First, we&#8217;ll configure Azure and then connect Palo Alto through Port1 to Azure Virtual Gateway.<\/div>\n<figure id=\"attachment_606\" aria-describedby=\"caption-attachment-606\" style=\"width: 1173px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-606 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176.png\" alt=\"Site-to-Site VPN between Palo Alto on-prem and Microsoft Azure\" width=\"1173\" height=\"541\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176.png 1173w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176-300x138.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176-1024x472.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176-768x354.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176-65x30.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176-225x104.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00176-350x161.png 350w\" sizes=\"auto, (max-width: 1173px) 100vw, 1173px\" \/><figcaption id=\"caption-attachment-606\" class=\"wp-caption-text\">Figure 4.1: Main scenario<\/figcaption><\/figure>\n<h2 style=\"page-break-before: always;\">Azure Configuration<\/h2>\n<ol>\n<li>Create a resource group in Azure as follows:\n<ul>\n<li><strong>Resource group:<\/strong> Pal<\/li>\n<li><strong>Region:<\/strong> West US<\/li>\n<\/ul>\n<figure id=\"attachment_554\" aria-describedby=\"caption-attachment-554\" style=\"width: 1103px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-554 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131.png\" alt=\"Step1-Create a resource group\" width=\"1103\" height=\"382\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131.png 1103w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131-300x104.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131-1024x355.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131-768x266.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131-65x23.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131-225x78.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00131-350x121.png 350w\" sizes=\"auto, (max-width: 1103px) 100vw, 1103px\" \/><figcaption id=\"caption-attachment-554\" class=\"wp-caption-text\">Figure 4.2: Create a resource group<\/figcaption><\/figure>\n<figure id=\"attachment_555\" aria-describedby=\"caption-attachment-555\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-555\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132.png\" alt=\"Step 2- create a resource group\" width=\"500\" height=\"400\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132.png 1003w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132-300x240.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132-768x615.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132-65x52.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132-225x180.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00132-350x280.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-555\" class=\"wp-caption-text\">Figure 4.3: Create a resource group<\/figcaption><\/figure>\n<figure id=\"attachment_556\" aria-describedby=\"caption-attachment-556\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-556\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133.png\" alt=\"Step3- create a resource group\" width=\"500\" height=\"485\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133.png 764w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133-300x291.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133-65x63.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133-225x218.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00133-350x339.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-556\" class=\"wp-caption-text\">Figure 4.4: Create a resource group<\/figcaption><\/figure>\n<\/li>\n<li>Create a virtual network as follows:\n<ul>\n<li><strong>Resource group:<\/strong> Pal<\/li>\n<li><strong>Name:<\/strong> Azure-Pal<\/li>\n<li><strong>Region:<\/strong> West US<\/li>\n<li><strong>Change the default subnet:<\/strong> 10.0.1.0\/24<\/li>\n<\/ul>\n<figure id=\"attachment_559\" aria-describedby=\"caption-attachment-559\" style=\"width: 1072px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-559 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134.png\" alt=\"Step1- create a virtual network\" width=\"1072\" height=\"809\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134.png 1072w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134-300x226.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134-1024x773.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134-768x580.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134-65x49.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134-225x170.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00134-350x264.png 350w\" sizes=\"auto, (max-width: 1072px) 100vw, 1072px\" \/><figcaption id=\"caption-attachment-559\" class=\"wp-caption-text\">Figure 4.5: Create a virtual network<\/figcaption><\/figure>\n<figure id=\"attachment_561\" aria-describedby=\"caption-attachment-561\" style=\"width: 1880px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-561 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135.png\" alt=\"Step2- create a virtual network(Change default subnet)\" width=\"1880\" height=\"854\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135.png 1880w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-300x136.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-1024x465.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-768x349.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-1536x698.png 1536w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-65x30.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-225x102.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00135-350x159.png 350w\" sizes=\"auto, (max-width: 1880px) 100vw, 1880px\" \/><figcaption id=\"caption-attachment-561\" class=\"wp-caption-text\">Figure 4.6: Create a virtual network (Change default subnet)<\/figcaption><\/figure>\n<figure id=\"attachment_833\" aria-describedby=\"caption-attachment-833\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-833 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/htalebi\/wp-content\/uploads\/sites\/1634\/2022\/04\/ScreenShot00085-1.jpg\" alt=\"Step3- create a virtual network\" width=\"500\" height=\"841\" \/><figcaption id=\"caption-attachment-833\" class=\"wp-caption-text\">Figure 4.7: Create a virtual network<\/figcaption><\/figure>\n<figure id=\"attachment_834\" aria-describedby=\"caption-attachment-834\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-834 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/htalebi\/wp-content\/uploads\/sites\/1634\/2022\/04\/ScreenShot00086-1.jpg\" alt=\"Step4- create a virtual network\" width=\"500\" height=\"825\" \/><figcaption id=\"caption-attachment-834\" class=\"wp-caption-text\">Figure 4.8: Create a virtual network<\/figcaption><\/figure>\n<figure id=\"attachment_562\" aria-describedby=\"caption-attachment-562\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-562\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00136.png\" alt=\"Step5- create a virtual network\" width=\"500\" height=\"677\" \/><figcaption id=\"caption-attachment-562\" class=\"wp-caption-text\">Figure 4.9: Create a virtual network<\/figcaption><\/figure>\n<\/li>\n<li style=\"page-break-before: always;\">Create a virtual network gateway as following:\n<ul>\n<li><strong>Name:<\/strong> Azure-VPN-Pal<\/li>\n<li><strong>Region:<\/strong> West US<\/li>\n<li><strong>Generation:<\/strong> Generation1<\/li>\n<li><strong>Gateway subnet address range:<\/strong> 10.0.0.0\/24<\/li>\n<li><strong>Public IP address name:<\/strong> AzurePublic<\/li>\n<\/ul>\n<p>Click on Create and Review. It takes around <strong>25<\/strong> minutes to deploy a virtual network gateway in Azure.<\/p>\n<figure id=\"attachment_564\" aria-describedby=\"caption-attachment-564\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-564\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137.png\" alt=\"Step1- create a virtual network gateways\" width=\"500\" height=\"219\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137.png 904w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137-300x131.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137-768x336.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137-65x28.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137-225x99.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00137-350x153.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-564\" class=\"wp-caption-text\">Figure 4.10: Create a virtual network gateway<\/figcaption><\/figure>\n<figure id=\"attachment_565\" aria-describedby=\"caption-attachment-565\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-565\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00138.png\" alt=\"Step 2- create a virtual network gateway\" width=\"500\" height=\"677\" \/><figcaption id=\"caption-attachment-565\" class=\"wp-caption-text\">Figure 4.11: Create a virtual network gateway<\/figcaption><\/figure>\n<figure id=\"attachment_566\" aria-describedby=\"caption-attachment-566\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-566\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139.png\" alt=\"Step3- create a virtual network gateway\" width=\"500\" height=\"389\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139.png 1032w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139-300x233.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139-1024x796.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139-768x597.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139-65x51.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139-225x175.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00139-350x272.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-566\" class=\"wp-caption-text\">Figure 4.12: Create a virtual network gateway<\/figcaption><\/figure>\n<figure id=\"attachment_567\" aria-describedby=\"caption-attachment-567\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-567\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140.png\" alt=\"Step4- create a virtual network gateway\" width=\"400\" height=\"421\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140.png 781w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140-285x300.png 285w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140-768x808.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140-65x68.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140-225x237.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00140-350x368.png 350w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-567\" class=\"wp-caption-text\">Figure 4.13: Create a virtual network gateway<\/figcaption><\/figure>\n<figure id=\"attachment_569\" aria-describedby=\"caption-attachment-569\" style=\"width: 1317px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-569 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141.png\" alt=\"Step 5- create a virtual network gateway( Deployment)\" width=\"1317\" height=\"354\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141.png 1317w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141-300x81.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141-1024x275.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141-768x206.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141-65x17.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141-225x60.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00141-350x94.png 350w\" sizes=\"auto, (max-width: 1317px) 100vw, 1317px\" \/><figcaption id=\"caption-attachment-569\" class=\"wp-caption-text\">Figure 4.14: Create a virtual network gateway (deployment)<\/figcaption><\/figure>\n<figure id=\"attachment_579\" aria-describedby=\"caption-attachment-579\" style=\"width: 1075px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-579 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150.png\" alt=\"Step 6- Deployment of virtual network gateway\" width=\"1075\" height=\"319\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150.png 1075w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150-300x89.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150-1024x304.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150-768x228.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150-65x19.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150-225x67.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00150-350x104.png 350w\" sizes=\"auto, (max-width: 1075px) 100vw, 1075px\" \/><figcaption id=\"caption-attachment-579\" class=\"wp-caption-text\">Figure 4.15: Deployment of virtual network gateway<\/figcaption><\/figure>\n<\/li>\n<li style=\"page-break-before: always;\">Create a local network gateway as follows:\n<ul>\n<li><strong>Resource Group:<\/strong> Pal<\/li>\n<li><strong>Region:<\/strong> West US<\/li>\n<li><strong>Name:<\/strong> PaloAlto<\/li>\n<li><strong>IP Address:<\/strong> IP_Address_of_Port1_FortiGate(On Prem)<\/li>\n<li><strong>Address Space:<\/strong> IP_Address_LocalNetwork<\/li>\n<\/ul>\n<figure id=\"attachment_580\" aria-describedby=\"caption-attachment-580\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-580\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151.png\" alt=\"Step 1- create a local network gateway\" width=\"400\" height=\"172\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151.png 753w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151-300x129.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151-65x28.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151-225x97.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00151-350x151.png 350w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-580\" class=\"wp-caption-text\">Figure 4.16: Create a local network gateway<\/figcaption><\/figure>\n<figure id=\"attachment_581\" aria-describedby=\"caption-attachment-581\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-581\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152.png\" alt=\"Step 2- create a local network gateway\" width=\"400\" height=\"303\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152.png 1062w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152-300x227.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152-1024x775.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152-768x581.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152-65x49.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152-225x170.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00152-350x265.png 350w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-581\" class=\"wp-caption-text\">Figure 4.17: Create a local network gateway<\/figcaption><\/figure>\n<figure id=\"attachment_582\" aria-describedby=\"caption-attachment-582\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-582\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153.png\" alt=\"Step 3- create a local network gateway (Review + create)\" width=\"400\" height=\"395\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153.png 817w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153-300x296.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153-768x758.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153-65x64.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153-225x222.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00153-350x345.png 350w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-582\" class=\"wp-caption-text\">Figure 4.18: Create a local network gateway (review + create)<\/figcaption><\/figure>\n<figure id=\"attachment_583\" aria-describedby=\"caption-attachment-583\" style=\"width: 819px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-583\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00154.png\" alt=\"Step 4- Verify local network gateway deployment\" width=\"819\" height=\"237\" \/><figcaption id=\"caption-attachment-583\" class=\"wp-caption-text\">Figure 4.19: Verify local network gateway deployment<\/figcaption><\/figure>\n<\/li>\n<li style=\"page-break-before: always;\">Go to Virtual network gateway and create a connection in <strong>Virtual network gateways &gt; Azure-VPN-Pal &gt; connections &gt; Add<\/strong><br \/>\n<figure id=\"attachment_585\" aria-describedby=\"caption-attachment-585\" style=\"width: 250px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-585\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155.png\" alt=\"Connection configuration\" width=\"250\" height=\"468\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155.png 441w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155-160x300.png 160w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155-65x122.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155-225x421.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00155-350x656.png 350w\" sizes=\"auto, (max-width: 250px) 100vw, 250px\" \/><figcaption id=\"caption-attachment-585\" class=\"wp-caption-text\">Figure 4.20: Connection configuration<\/figcaption><\/figure>\n<p>Based on the Microsoft article <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/vpn-gateway\/vpn-gateway-about-compliance-crypto\">\u201cAbout cryptographic requirements and Azure VPN gateways\u201d<\/a>, by default, integrity is SHA384, SHA256, SHA1, MD5, and encryption is AES256, AES192, AES128, DES3, DES. So, we&#8217;ll select SHA1 and AES128 in FortiGate. After doing this step, you should receive a Public IP address in the Overview tab.<\/p>\n<figure id=\"attachment_586\" aria-describedby=\"caption-attachment-586\" style=\"width: 1539px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-586 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156.png\" alt=\"Verify public IP address\" width=\"1539\" height=\"399\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156.png 1539w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-300x78.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-1024x265.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-768x199.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-1536x398.png 1536w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-65x17.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-225x58.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00156-350x91.png 350w\" sizes=\"auto, (max-width: 1539px) 100vw, 1539px\" \/><figcaption id=\"caption-attachment-586\" class=\"wp-caption-text\">Figure 4.21: Verify the public IP address<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n<h2 style=\"page-break-before: always;\">Palo Alto Configuration<\/h2>\n<ol>\n<li>First, we&#8217;ll configure Ports IP address.<br \/>\n<figure id=\"attachment_571\" aria-describedby=\"caption-attachment-571\" style=\"width: 652px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-571\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00142.png\" alt=\"Ethernet 1\/1 Config\" width=\"652\" height=\"284\" \/><figcaption id=\"caption-attachment-571\" class=\"wp-caption-text\">Figure 4.22: Ethernet 1\/1 Config<\/figcaption><\/figure>\n<figure id=\"attachment_572\" aria-describedby=\"caption-attachment-572\" style=\"width: 657px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-572\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00143.png\" alt=\"Ethernet 1\/1 IPV4\" width=\"657\" height=\"364\" \/><figcaption id=\"caption-attachment-572\" class=\"wp-caption-text\">Figure 4.23: Ethernet 1\/1 IPV4<\/figcaption><\/figure>\n<figure id=\"attachment_573\" aria-describedby=\"caption-attachment-573\" style=\"width: 666px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-573\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144.png\" alt=\"Ethernet 1\/2 Config\" width=\"666\" height=\"299\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144.png 920w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144-300x134.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144-768x344.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144-65x29.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144-225x101.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00144-350x157.png 350w\" sizes=\"auto, (max-width: 666px) 100vw, 666px\" \/><figcaption id=\"caption-attachment-573\" class=\"wp-caption-text\">Figure 4.24: Ethernet 1\/2 Config<\/figcaption><\/figure>\n<figure id=\"attachment_574\" aria-describedby=\"caption-attachment-574\" style=\"width: 668px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-574\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00145.png\" alt=\"Ethernet 1\/2 IPv4\" width=\"668\" height=\"499\" \/><figcaption id=\"caption-attachment-574\" class=\"wp-caption-text\">Figure 4.25: Ethernet 1\/2 IPv4<\/figcaption><\/figure>\n<p>Then, create a tunnel.<\/p>\n<figure id=\"attachment_576\" aria-describedby=\"caption-attachment-576\" style=\"width: 670px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-576\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00146.png\" alt=\"Create a tunnel 1\" width=\"670\" height=\"236\" \/><figcaption id=\"caption-attachment-576\" class=\"wp-caption-text\">Figure 4.26: Create a tunnel 1<\/figcaption><\/figure>\n<figure id=\"attachment_577\" aria-describedby=\"caption-attachment-577\" style=\"width: 691px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-577\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00147.png\" alt=\"Verify Tunnel1\" width=\"691\" height=\"219\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00147-300x96.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00147-65x21.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00147-225x72.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00147-350x112.png 350w\" sizes=\"auto, (max-width: 691px) 100vw, 691px\" \/><figcaption id=\"caption-attachment-577\" class=\"wp-caption-text\">Figure 4.27: Verify Tunnel1<\/figcaption><\/figure>\n<p>Then, <strong>commit the configuration<\/strong>!<\/li>\n<li style=\"page-break-before: always;\">Create a static route to tunnel1 and ethernet1\/1 as following figures. Traffic related to <strong>10.0.0.0\/16<\/strong> should go through the tunnel. The rest of the traffic should go through the default Gateway.<br \/>\n<figure id=\"attachment_598\" aria-describedby=\"caption-attachment-598\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-598\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169.png\" alt=\"Create a static route to ethernet 1\/1\" width=\"500\" height=\"459\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169.png 739w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169-300x275.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169-65x60.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169-225x206.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00169-350x321.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-598\" class=\"wp-caption-text\">Figure 4.28: Create a static route to ethernet 1\/1<\/figcaption><\/figure>\n<figure id=\"attachment_599\" aria-describedby=\"caption-attachment-599\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-599\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170.png\" alt=\"Create a static route to tunnel.1\" width=\"500\" height=\"438\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170.png 745w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170-300x263.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170-65x57.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170-225x197.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00170-350x307.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-599\" class=\"wp-caption-text\">Figure 4.29: Create a static route to tunnel.1<\/figcaption><\/figure>\n<\/li>\n<li style=\"page-break-before: always;\">Go to <strong>Network &gt; Network Profiles &gt; Create an IKE Crypto<\/strong>.<br \/>\n<figure id=\"attachment_607\" aria-describedby=\"caption-attachment-607\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-607\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177.png\" alt=\"Create an IKE Crypto Profile\" width=\"500\" height=\"270\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177.png 994w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177-300x162.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177-768x415.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177-65x35.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177-225x122.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00177-350x189.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-607\" class=\"wp-caption-text\">Figure 4.30: Create an IKE Crypto Profile<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Network &gt; Network Profiles &gt; Create an IPsec Crypto Profile<\/strong>.<br \/>\n<figure id=\"attachment_609\" aria-describedby=\"caption-attachment-609\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-609\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178.png\" alt=\"Create an IPSEC Crypto Profile\" width=\"500\" height=\"282\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178.png 998w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178-300x169.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178-768x433.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178-65x37.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178-225x127.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00178-350x197.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-609\" class=\"wp-caption-text\">Figure 4.31: Create an IPsec Crypto Profile<\/figcaption><\/figure>\n<\/li>\n<li style=\"page-break-before: always;\">Go to <strong>Network &gt; Network Profiles &gt; Create an IKE Crypto Gateways<\/strong>.<br \/>\n<figure id=\"attachment_589\" aria-describedby=\"caption-attachment-589\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-589\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157.png\" alt=\"Create an IKE Gateway\" width=\"500\" height=\"408\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157.png 743w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157-300x245.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157-225x184.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00157-350x285.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-589\" class=\"wp-caption-text\">Figure 4.32: Create an IKE Gateway<\/figcaption><\/figure>\n<figure id=\"attachment_590\" aria-describedby=\"caption-attachment-590\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-590\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158.png\" alt=\"Select IKE Crypto Profile\" width=\"500\" height=\"307\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158.png 748w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158-300x184.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158-65x40.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158-225x138.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00158-350x215.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-590\" class=\"wp-caption-text\">Figure 4.33: Select IKE Crypto Profile<\/figcaption><\/figure>\n<\/li>\n<li style=\"page-break-before: always;\">Go to <strong>Network &gt; IPsec Tunnels &gt; Add. <\/strong>Select the previous profile you have created as Figure 4.34.<br \/>\n<figure id=\"attachment_591\" aria-describedby=\"caption-attachment-591\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-591\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159.png\" alt=\"Create an IPSEC Tunnel\" width=\"500\" height=\"220\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159.png 996w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159-300x132.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159-768x339.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159-65x29.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159-225x99.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00159-350x154.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-591\" class=\"wp-caption-text\">Figure 4.34: Create an IPsec Tunnel<\/figcaption><\/figure>\n<\/li>\n<li>Create a firewall policy from LAN to VPN zone and from VPN to LAN.<br \/>\n<figure id=\"attachment_611\" aria-describedby=\"caption-attachment-611\" style=\"width: 1342px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-611 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180.png\" alt=\"Create a security policy &quot;LAN-AZ&quot;\" width=\"1342\" height=\"468\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180.png 1342w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180-300x105.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180-1024x357.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180-768x268.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180-65x23.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180-225x78.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00180-350x122.png 350w\" sizes=\"auto, (max-width: 1342px) 100vw, 1342px\" \/><figcaption id=\"caption-attachment-611\" class=\"wp-caption-text\">Figure 4.35: Create a security policy &#8220;LAN-AZ&#8221;<\/figcaption><\/figure>\n<figure id=\"attachment_593\" aria-describedby=\"caption-attachment-593\" style=\"width: 1339px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-593 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162.png\" alt=\"Create a security policy &quot;LAN-AZ&quot; - Select source zone as LAN\" width=\"1339\" height=\"518\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162.png 1339w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162-300x116.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162-1024x396.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162-768x297.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162-65x25.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162-225x87.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00162-350x135.png 350w\" sizes=\"auto, (max-width: 1339px) 100vw, 1339px\" \/><figcaption id=\"caption-attachment-593\" class=\"wp-caption-text\">Figure 4.36: Create a security policy &#8220;LAN-AZ.&#8221; Select the source zone as LAN.<\/figcaption><\/figure>\n<figure id=\"attachment_610\" aria-describedby=\"caption-attachment-610\" style=\"width: 1344px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-610 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179.png\" alt=\"Create a security policy &quot;LAN-AZ&quot; - Select destination zone as VPN\" width=\"1344\" height=\"522\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179.png 1344w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179-300x117.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179-1024x398.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179-768x298.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179-65x25.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179-225x87.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00179-350x136.png 350w\" sizes=\"auto, (max-width: 1344px) 100vw, 1344px\" \/><figcaption id=\"caption-attachment-610\" class=\"wp-caption-text\">Figure 4.37: Create a security policy &#8220;LAN-AZ.&#8221; Select destination zone as VPN.<\/figcaption><\/figure>\n<figure id=\"attachment_594\" aria-describedby=\"caption-attachment-594\" style=\"width: 1342px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-594 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163.png\" alt=\"Create a security policy &quot;AZ-LAN&quot;\" width=\"1342\" height=\"479\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163.png 1342w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163-300x107.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163-1024x365.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163-768x274.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163-65x23.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163-225x80.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00163-350x125.png 350w\" sizes=\"auto, (max-width: 1342px) 100vw, 1342px\" \/><figcaption id=\"caption-attachment-594\" class=\"wp-caption-text\">Figure 4.38: Create a security policy &#8220;AZ-LAN&#8221;<\/figcaption><\/figure>\n<figure id=\"attachment_595\" aria-describedby=\"caption-attachment-595\" style=\"width: 1345px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-595 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164.png\" alt=\"Create a security policy &quot;AZ-LAN&quot; - Select source zone as VPN\" width=\"1345\" height=\"524\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164.png 1345w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164-300x117.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164-1024x399.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164-768x299.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164-65x25.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164-225x88.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00164-350x136.png 350w\" sizes=\"auto, (max-width: 1345px) 100vw, 1345px\" \/><figcaption id=\"caption-attachment-595\" class=\"wp-caption-text\">Figure 4.39: Create a security policy &#8220;AZ-LAN.&#8221; Select source zone as VPN.<\/figcaption><\/figure>\n<figure id=\"attachment_596\" aria-describedby=\"caption-attachment-596\" style=\"width: 1339px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-596 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165.png\" alt=\"Create a security policy &quot;AZ-LAN&quot; - Select destination zone as LAN\" width=\"1339\" height=\"509\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165.png 1339w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165-300x114.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165-1024x389.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165-768x292.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165-65x25.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165-225x86.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00165-350x133.png 350w\" sizes=\"auto, (max-width: 1339px) 100vw, 1339px\" \/><figcaption id=\"caption-attachment-596\" class=\"wp-caption-text\">Figure 4.40: Create a security policy &#8220;AZ-LAN.&#8221; Select destination zone as LAN.<\/figcaption><\/figure>\n<p>Don&#8217;t forget to commit the configuration!<\/li>\n<\/ol>\n<h2 style=\"page-break-before: always;\">Verify Connections<\/h2>\n<p>If you navigate to IPsec Tunnel, the status should be up.<\/p>\n<figure id=\"attachment_600\" aria-describedby=\"caption-attachment-600\" style=\"width: 1281px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-600 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171.png\" alt=\"Verify IPSEC Tunnel\" width=\"1281\" height=\"260\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171.png 1281w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171-300x61.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171-1024x208.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171-768x156.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171-65x13.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171-225x46.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00171-350x71.png 350w\" sizes=\"auto, (max-width: 1281px) 100vw, 1281px\" \/><figcaption id=\"caption-attachment-600\" class=\"wp-caption-text\">Figure 4.41: Verify IPsec Tunnel<\/figcaption><\/figure>\n<figure id=\"attachment_601\" aria-describedby=\"caption-attachment-601\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-601\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172.png\" alt=\"Verify Connections in Azure\" width=\"500\" height=\"192\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172.png 1313w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172-300x115.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172-1024x394.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172-768x295.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172-65x25.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172-225x87.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00172-350x135.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-601\" class=\"wp-caption-text\">Figure 4.42: Verify connections in Azure<\/figcaption><\/figure>\n<figure id=\"attachment_613\" aria-describedby=\"caption-attachment-613\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-613\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174.png\" alt=\"Verify ping from Windows to webterm\" width=\"500\" height=\"188\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174.png 613w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174-300x113.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174-65x24.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174-225x84.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00174-350x131.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-613\" class=\"wp-caption-text\">Figure 4.43: Verify ping from Windows to webterm<\/figcaption><\/figure>\n<figure id=\"attachment_614\" aria-describedby=\"caption-attachment-614\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-614\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175.png\" alt=\"Verify ping from webterm to Windows in Azure\" width=\"500\" height=\"148\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175.png 826w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175-300x89.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175-768x228.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175-65x19.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175-225x67.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/ScreenShot00175-350x104.png 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-614\" class=\"wp-caption-text\">Figure 4.44: Verify ping from webterm to Windows in Azure<\/figcaption><\/figure>\n","protected":false},"author":1562,"menu_order":4,"template":"","meta":{"pb_show_title":"on","pb_short_title":"","pb_subtitle":"","pb_authors":[],"pb_section_license":""},"chapter-type":[],"contributor":[],"license":[],"class_list":["post-522","chapter","type-chapter","status-publish","hentry"],"part":627,"_links":{"self":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/522","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters"}],"about":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/types\/chapter"}],"author":[{"embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/users\/1562"}],"version-history":[{"count":25,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/522\/revisions"}],"predecessor-version":[{"id":1127,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/522\/revisions\/1127"}],"part":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/parts\/627"}],"metadata":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/522\/metadata\/"}],"wp:attachment":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/media?parent=522"}],"wp:term":[{"taxonomy":"chapter-type","embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapter-type?post=522"},{"taxonomy":"contributor","embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/contributor?post=522"},{"taxonomy":"license","embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/license?post=522"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}