First time poster in the new forum. We're looking into creating a pure DMZ on our Palo Alto. Right now all our servers and network are behind a Layer 3 interface with private IPs. Anything that needs to be externally accessible is done via a One to One NAT through that interface. We have a vendor coming out to do some Lync setup and they "highly recommend" that the server(s) be placed in a DMZ and not inside our network. I tried explaining that we're pretty good at punching holes through and making things work but that wasn't an option. I've been looking at some of the Layer 2 documentation and I think I'm on the right track but if anyone has done this already and has some tips or things to watch out for it would be a big help. Thanks!
... View more