Hello all, I currently have a case open with support on this issue. But I am looking for some customer feedback.
We presently have *two routes* and two separate firewalls. 10.0.44.1/22 on my Palo Alto, and 10.0.45.1/22 on a legacy Cisco L3 router. The Cisco has been stripped down and only really serves as a default route to a end of life firewall. My goal is to lift 10.0.45.1/22 from the old Cisco router and place it on my Palo Alto. In so many words ... I want to create a "secondary" IP address on the same subnet so that 10.0.45.1 and 10.0.44.1 are used interchangeably.
If I try to add these two addresses on the same one interface, the Palo rejects the changes with overlapping subnets. Support had suggested using a separate physical interface. But that gave me the same error message.
EDIT: This is on a Palo Alto PA-3250
Most of the articles and posts I have looked at for this issue point to a customer VPN where two remote sites have the same subnet(s). That doesn't really apply to my case here, and the solutions don't really make sense for this scenario.
Any help or pointers would be appreciated!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!