Azure vWAN Paloalto VPN BGP

Intro

In a recent project I worked on, we had to setup Azure vWAN VPN with Paloalto firewalls, and enable BGP peering to exchange routes. This post covers the architecture and what is required to set that up.

Strap in Nerds, this is going to be fabulous.

Architecture

The following diagram is referenced in this post.

The below table lists the IP addressing relevant to this architecture.

#	Device	Interface	IP Address
1	fw01	interface 1	198.51.100.10
2	fw01	tunnel 11	<none>
3	fw01	tunnel 12	<none>
4	fw01	looopback 11	169.254.21.10
5	vpn0	public ip	203.0.113.11
6	vpn0	custom ip	169.254.21.11
7	vpn1	public ip	203.0.113.12
8	vpn1	custom ip	169.254.21.12

Azure Config

This section will cover the Azure configurations.

Paloalto Config

This section will cover the Paloalto configurations.

Outro

That's the post. Peace out nerds ✌️

Links

https://richardsoncloud.com/implement-a-highly-available-azure-vpn/

On This Page