Has anyone seen interference with GRE tunnels passing through PANFW's set up in virtualwire for passive IDS? The policies are all any, any, any etc and there is no inspection configured? I've read NAT'ing issues may have something to do with it, but not sure why that would be required for a passive set up.
Are you applying NAT for virtualwire traffic?
No.
I've never seen it cause any issues for anything like that unless it's getting logged as a threat or something like that. Especially in a virtualwire setup it really shouldn't be interfacing any of your traffic.
I agree, and I think I'll be able to prove it's not the Palo, but right now that's the only new thing in the environment so it's the obvious target for blame.
Just run packet capture on "receive" and "transmit" states on Palo and you can verify if the packet received on one side was sent out exactly the same.
If packet was dropped then "drop" state will capture them.
Thanks. I just don't have access to the box yet, which is why I was seeing if anyone had experience with a similar issue. Once I can run some PCAPs, it will be clear. Thanks again for taking the time to help!
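The receive/transmit comparison suggested above can be scripted once the captures are exported. The following is an added example, not part of the original thread: it assumes classic pcap files with Ethernet framing and that a virtual wire forwards frames byte-for-byte, and the function names and sample captures are constructed for illustration.

```python
import struct
from collections import Counter
GRE = 47  # IP protocol number for GRE

def gre_packets(pcap: bytes) -> Counter:
    """Multiset of GRE-carrying IPv4 packets in a classic pcap (Ethernet link type)."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic pcap file")
    found, off = Counter(), 24  # the pcap global header is 24 bytes
    while off + 16 <= len(pcap):
        incl = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]  # captured length
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        ethertype, l3 = frame[12:14], 14
        if ethertype == b"\x81\x00":  # step over a single 802.1Q tag
            ethertype, l3 = frame[16:18], 18
        if ethertype == b"\x08\x00" and len(frame) >= l3 + 20 and frame[l3 + 9] == GRE:
            found[frame[l3:]] += 1  # key on the whole IP packet, outer header included
    return found

def compare_stages(rx: bytes, tx: bytes) -> dict:
    """Compare GRE packets seen at the receive stage with those at the transmit stage."""
    r, t = gre_packets(rx), gre_packets(tx)
    return {"received": sum(r.values()),
            "forwarded_unchanged": sum((r & t).values()),
            "missing_or_altered": sum((r - t).values()),
            "only_on_transmit": sum((t - r).values())}

# --- constructed sample captures (not real traffic) ---
def build_frame(proto: int, payload: bytes) -> bytes:
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + payload

def build_pcap(frames) -> bytes:
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

GRE_A = build_frame(GRE, b"\x00\x00\x08\x00" + b"A" * 20)
GRE_B = build_frame(GRE, b"\x00\x00\x08\x00" + b"B" * 20)
UDP_X = build_frame(17, b"\x00" * 8)
RX_SAMPLE = build_pcap([GRE_A, GRE_B, UDP_X])
TX_SAMPLE = build_pcap([GRE_A, UDP_X])  # GRE_B never leaves the firewall

if __name__ == "__main__":
    print(compare_stages(RX_SAMPLE, TX_SAMPLE))
```

Any packet counted under `missing_or_altered` is one to look for in the "drop" capture; a count under `only_on_transmit` with a matching `missing_or_altered` count points to modification in transit rather than a drop.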