cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

Meraki behind PA850 - Site-to-site, Error Unfriendly NAT configuration

L1 Bithead

Hi All, 

 

I am working on a implementation of the Meraki MXs behind PA850 - Site-to-site ( hub and spoke). I am getting error on the VPN status: NAT type: Unfriendly. This security appliance is behind a VPN-unfriendly NAT, which can be caused by upstream load balancers or strict firewall rules.

It seems to be working only when i use static one to one NAT rules. NAT type: Friendly. This security appliance is behind a VPN-friendly NAT, locally using....

It is not feasible to use static ip for every MX. 

I am hoping that someone ran into similar issue and was able to figure out the working configuration. 

 

Thanks!

Marcin

Who Me Too'd this topic