Resolved! Destination NAT Error
Hello All,
Doing an destination Nat but getting below Error. Could anyone please help me. Also pls find below my nat rule
Please note : Ethernet 1/1 is my Outside Interface
Discussions
VPN Tunnel from remote ASA: only one of three proxy-IDs working
Has anyone had an issue where a tunnel is configured with multiple proxy-id's for a policy-based peer, but a working security association is formed for only one of them?
I have a number of ASA 5505s that need to connect to my new Palo Altos from remo
...
Exception Handling in Palo Alto Support Page 7/22/2021
Hello Palo Alto Team,
I would like to bring this up with you.
I noticed that your support page went down today 7/22/2021 and that is fine. What worries me is the way your system handles exception. I think you are exposing to much that end user like m
...Disabling bad checksum on Firewalls
Hi All,
We have received an request to disable the drop of packets due to bad checksum. I had the following questions on this:
Q1: Can i see in the traffic logs if any connections are dropped due to bad checksum.
Q2: This can be done by enterin
...NAT SDWAN
Hello,
My Name is Dwi.
I have case with SD-WAN configuration.
I have 2 ISP DIA provider, and i want to combine 2 ISP provider in to single logical SD-WAN for Load Balancing Internet Traffic.
the Palo Alto device is under NAT, please help me to configure
...Using GlobalProtect , ExpressVPN and Remote desktop
Dear All,
I am pondering following scenarios:
1- I connect to Server "S" using GlobalProtect on my Computer "A". Now Assume i do not have access to computer "A" physically because i have moved to another city. I want to access computer "A" from anoth
...Resolved! Always On Global Protect VPN
When I am looking at GP Gateway Users I see some USERs with
ID prelogin and others where USER matches the COMPUTER name
field. Any idea why I might see one or the other? I am using certificate
authentication.
Why does URL Filtering Profile with a custom URL Category assigned require the same custom URL category assigned in a security rule to work?
Hi all,
Pardon me for the lengthy title.
Here is the layout of what I am working with:
- I am currently running PAN-3020 on PAN-OS 9.0.13
- I do not have a URL filtering licence
- I do not yet do decryption (long story).
- Security rules are any/any for testi
inter-vsys vs shared virtual router
Hi all
It seems like 1 virtual router can be shared by multiple vsys
Reading up
https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000UADEAA4&field=Attachment_1__Body__s
1 VSYS can have all multiple VR’s as well as multiple V
...Resolved! techsupport file info
Does anyone know if you can see session tables in the tech support file? Trying to troubleshoot a session sync issue and wondering if I can go back and look at the table when the TS file was created.
Thanks
Joe
ECMP and PBF not work
we have a PA-820 with dual ISP internet (ethernet 2, ethernet 3) and ECMP. all PC 10.1.0.0/16 can load balancing through 2 Internet connection.
If I use PBF so PC 10.1.3.250 only go out through ISP 2( ethernet 3), I see this PC cant connect to Inter
...
Resolved! BGP on PanOS: allow route with own as number in as-path
hi,
i am new to panos and have problems in allowing a route with its own as number in as-path incoming from a peer. looks like the route is not accepted as a loop prevention but it is just the fact that the as number is used twice as two companies con
...10.0 user-id agent ignore_user_list not working
Since upgrading to pan os 10.0.6, we've noticed the "ignore_user_list" on our server user-id agents doesn't seem to be working. We did not have any issues prior to upgrading to 10.0.x. Has anyone else noticed this issue? We upgraded our user-id ag
...How to disable RSA/SHA1 on Palo alto device for SSH access
We are using OpenSSH v8.2 cannot connect to SSH hosts with SSH Proxy enabled (SSH Decryption).
Testing showing that this is due to the Palo Alto attempting to use RSA with SHA1 which has been removed by OpenSSH in v8.2.
Is there a way we can config
...Http traffic to https
Hi Guys
Can we redirect someone trying to access http://www.xxx.com to https://www.xxx.com ( port 80 to 443 ) ?
If we are using Dest NAT for https://www.xxx.com ?
Thanks
- kiwi on: Can log in PAN OS VM
- Sanjay_Ramaiah on: Understanding Static NAT
-
TomYoung
on:
file blocking profile not working for SFTP
- mhuels on: unknown command during SSH script
- tnayak on: Unable to access bing copilot (Bing AI Chat) from Prisma Access Remote Network
-
BPry
on:
When logging into the community can I turn off the email a code?
- MikeSchrader on: IKEv2 tunnel does not restore after HA failover
-
BPry
on:
Cortex XDR: How to block execution of some unwanted apps
-
OtakarKlier
on:
Inquiries about PBF nexthop settings when the ISP is a DHCP Client
- seb_rupik on: Query for routing table
| User | Likes Count |
|---|---|
| 10 | |
| 10 | |
| 7 | |
| 7 | |
| 6 |
Copyright 2007 - 2023 - Palo Alto Networks