12-23-2016 02:47 AM
Hello.
Despite my best efforts I am unable to get this concept working.
We have 1 x Palo Alto 3020.
It has 2 Virtual routers configured. Both use 192.168.*.* networks.
I'd like to access a machine in the neighbour VR, from the opposite VR. As the networks overlap, I presumed this would be a case of using NAT.
I can't get the configuration to work at all. The closest I've come is to use PBF, but that doesn't incorporate the NAT element.
Can anyone who has done this, recommend an example configuration? I t can be as simple as:
default-VR
Client = 192.168.1.1
Next-VR
Client = 192.168.1.1
How does the default-VR client access the Next-VR client (and vice-versa).
Thanks
12-23-2016 04:35 AM
I am afraid you cannot make this setup work with 2 VRs in same VSYS.
You should deploy 2 VSYS, each of them with their own VR. Then you can make NAT rules between the 2 VSYS.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
