Hi Amaresh,

The internal server may not need a public IP, as it could be accessed by Internet users through NAT. These are the steps to follow:

1. Assign a public IP to the public load balancer that front-ends the VM-Series FWs.
2. Add a NAT policy to all the FWs behind the public LB. The policy, I call it "Inbound DNAT". In the Original Packet section, use Untrust in the src and dst zones, and add the IP address of the eth1 FW interface. In the Translated Packet section, use Dynamic IP and Port as Translation Type, Interface Address as Address Type and ethernet1/2 as Interface (leave IP address as None). Select Destination Address Translation and type either the IP address of the load balancer that front-ends the internal server farm or the IP address of the internal server (private IP - make sure it is static so that it does not change if you reboot).

You also need to configure routing on the VM-Series and a routing entry in the UDR to direct traffic in the internal server subnet through the VM-Series.
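The "Inbound DNAT" rule from the post above, modelled as an added example that is not part of the original reply: it applies the rule's match and both translations, then shows which firewall receives the server's reply with and without the source translation to ethernet1/2. The addresses, the firewall names and the UDR with fw1 as its single next hop are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class Firewall:
    name: str
    eth1_ip: str    # untrust-side address the public LB delivers to
    eth2_ip: str    # ethernet1/2 address used for source translation
    server_ip: str  # translated destination: internal LB or static server IP

    def inbound_dnat(self, src, dst, from_zone="Untrust", to_zone="Untrust",
                     source_nat=True) -> Optional[Tuple[str, str]]:
        """Return the translated (src, dst), or None if the rule does not match."""
        if (from_zone, to_zone) != ("Untrust", "Untrust") or dst != self.eth1_ip:
            return None
        return (self.eth2_ip if source_nat else src, self.server_ip)

def reply_lands_on(reply_dst, firewalls, udr_next_hop):
    """Name of the firewall that receives the server's reply to reply_dst."""
    for fw in firewalls:
        if reply_dst == fw.eth2_ip:   # reply addressed to a firewall interface
            return fw.name
    return udr_next_hop               # anything else follows the subnet's UDR

# Constructed addresses (RFC 1918 and RFC 5737 documentation ranges)
FW1 = Firewall("fw1", "10.0.1.4", "10.0.2.4", "10.0.3.10")
FW2 = Firewall("fw2", "10.0.1.5", "10.0.2.5", "10.0.3.10")
FWS = [FW1, FW2]
CLIENT = "203.0.113.7"

def trace(fw, source_nat):
    """Forward one client packet through fw, then locate the reply path."""
    src, dst = fw.inbound_dnat(CLIENT, fw.eth1_ip, source_nat=source_nat)
    return src, dst, reply_lands_on(src, FWS, udr_next_hop="fw1")

if __name__ == "__main__":
    for fw in FWS:
        for snat in (True, False):
            print(fw.name, "source_nat=%s" % snat, trace(fw, snat))
```

With the source translation in place the reply returns to the firewall that holds the session; without it, a flow that entered through fw2 comes back through the UDR next hop fw1, which has no session for it.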