i'm finally converting an old Juniper ScreenOS firewall to a PaloAlto firewall (5020). I have some problem to understand how to convert some Multicast static Routes.
On screen os i have this specific entry for ex:
Type: Static, Forwarding
Source IP: 192.168.100.126
Incoming Interface: eth3/6.3
Outgoing interface: eth3/6.2
set mroute mgroup 220.127.116.11 source 192.168.100.126 iif ethernet3/6.3 oif ethernet3/6.2
set access-list 12
set access-list 12 permit ip 18.104.22.168/32 10
set access-list 12 permit ip 22.214.171.124/32 20
Can you help me how to configure this on PaloAlto?
Thnxxx a lot
Recently we faced a similar scenario where multicast routes need to be converted to Palo Alto format. For Juniper ScreenOS firewall to a PaloAlto firewall (5200) series conversion.
Only relevant article we could find:
Here is cli o/p:
set mroute multiple-iif-enable
set mroute mgroup 200.X.X.X source 0.0.0.0 iif aggregate2 oif aggregate1
Can Palo Alto please reply?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!