This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

About black1983

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
black1983
‎02-11-2020
since ‎02-10-2020
L0 Member
User Activity
User Profile
Latest posts by black1983
View All
User Badges
Community Statistics
Member Since ‎02-10-2020 03:27 AM
Date Last Visited ‎02-11-2020 06:56 AM
Posts 2

Re: an issue occure with asymmetric route

by in General Topics
‎02-11-2020 03:16 AM
‎02-11-2020 03:16 AM
yes the incoming traffic comes thru correct interface  (Y) whatever the source is local ISP3 or Global internet users but the different is global users thy can browse it and their traffic goes out thru ISP1 interface (X) ( asymmetrically ) !! and ISP3 users can't browse it since the FW is dropping the packet ..   So, why do global users can browse it with asymmetric routes while local ISP3 users can't do it ? ... View more

an issue occure with asymmetric route

by in General Topics
‎02-10-2020 03:58 AM
‎02-10-2020 03:58 AM
HI;   I have PaloAlto FW and I have 3 ISPs and I'm using default route ( statically ) with this value ISP1 distance 5 ( Interface X), ISP2 distance 9 and ISP3 distance 15 ( Interface Y) and I've server with NAT IP using ISP3 subnet. the server is reachable from global internet but the users who are using ISP3 they are unable to reach it after some tshoot we have done using trace route we found the following.   what is the issue ?   NOTE: we cant apply the following 1- PBF 2- we can't update route table statically for each user   Trace route from NATed server using ISP3 subnet toward user using ISP3 : Server --> Palo Alto outside interface(X)--> ISP1 -->ISP3--> ISP3 USER   Trace route from user using ISP3  toward NATed server using ISP3 subnet : USER-->ISP3 --> WAN Router--> Palo Alto outside interface(Y)--> drop   Trace route from NATed server using ISP3 subnet toward global Internet : Server --> Palo Alto outside interface(X)--> ISP1 --> Global Internet --> 8.8.8.8 (example)   Trace route from global user  toward NATed server using ISP3: Global User --> Global Internet --> ISP3--> reach to NATed server   ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎02-11-2020 06:56 AM
Latest Tags
LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks