cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

VPN Site to Site traffic - ALLOWED even if there is defined A SPECIFIC proxy id

L4 Transporter

Hi All,

 

First of all enviroment's specific:

panOS 7.1.7

PA 3050

 

The "strange behavior description":

 

1. VPN S2S between PA and third party vendor

2. Usual configuration

3. Proxy id:

VTI: Tunnel.103

Local: 10.48.0.0/13

Remote: 10.64.22.176/28

 

4. Strange behavior --> Remote network 10.64.22.176/28 is able to reach 10.64.29.0/24 that is NOT defined as our local proxy id

 

**Note: 10.64.29.0/24 is a network that is related with ANOTHER IPsec tunnel behind tunnel.65

 

How this is possible? I never seen a similar behavior before.

I miss something or do you agree that is NOT a normal behavior?

 

Thanks in advance,

Luca

Who Me Too'd this topic