Hello Experts,

On the PA side there are two subnets: 10.0.1.0/24, 10.0.2.0/24, and on the Cisco side there are also three subnets: 172.16.1.0/24, 172.16.2.0/24.

On the PA firewall, I defined the proxy-ids as below:

proxy-id1: local: 10.0.1.0/24 remote: 172.16.1.0/24
proxy-id2: local: 10.0.1.0/24 remote: 172.16.2.0/24
proxy-id3: local: 10.0.1.0/24 remote: 172.16.1.0/24
proxy-id4: local: 10.0.1.0/24 remote: 172.16.2.0/24

My questions are:

1- On the Cisco side, how will I define the ACL? I mean, will I define four ACLs or only one ACL with two sources and two destinations?

2- Every time a new subnet is added to pass through the tunnel, I need to create a proxy-id. Is there any scalable method for this?

Regards,
GR