Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Meraki behind PA850 - Site-to-site, Error Unfriendly NAT configuration

L1 Bithead

Hi All, 


I am working on a implementation of the Meraki MXs behind PA850 - Site-to-site ( hub and spoke). I am getting error on the VPN status: NAT type: Unfriendly. This security appliance is behind a VPN-unfriendly NAT, which can be caused by upstream load balancers or strict firewall rules.

It seems to be working only when i use static one to one NAT rules. NAT type: Friendly. This security appliance is behind a VPN-friendly NAT, locally using....

It is not feasible to use static ip for every MX. 

I am hoping that someone ran into similar issue and was able to figure out the working configuration. 




Who Me Too'd this topic