Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- ›
- About KdG-Netadmin
About KdG-Netadmin
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
4 weeks ago
4Posts
0Likes
0Solutions
Dec 30, 2020Last Visited
User
Activity
User
Profile
Latest posts by KdG-Netadmin
| Subject | Views | Posted |
|---|---|---|
| 2379 | 11-30-2015 01:30 AM | |
| 2404 | 11-27-2015 12:29 PM | |
| 2417 | 11-27-2015 08:47 AM | |
| 6700 | 10-07-2013 05:47 AM |
User Badges
Public Statistics
| Date Registered | 11-28-2012 02:07 AM |
| Date Last Visited | 4 weeks ago |
| Total Messages Posted | 4 |
11-27-2015
12:29 PM
Thank you for your reply. Very interesting document.
There is no way to solve this on the company firewall only? Subnet 10.0.0.0/13 is a subnet of a remote router in our network, it's not a subnet of the firewall itself.
As a test I tried to make NAT rules for client 10.0.1.86 with server 10.202.20.20 on our company firewall:
Source NAT rule for the incoming traffic to our company:
source zone = vpn; dest zone = trust; source ip = 10.0.1.86, dest ip = 10.202.20.20; source translation = static ip / 10.207.218.5 / not bi-directional
and a destination nat for the outbound traffic
source zone = trust; dest zone = vpn; source ip = 10.202.20.20; dest ip = 10.207.218.5; dest interface = tunnel.5 / dest translation = 10.0.1.86
When I run a Packet Capture on interface tunnel.5, I only see (icmp) packets coming from 10.0.1.86, but I don't see anything in the policy log.
Can someone explain this to me?
Thanks!
... View more
11-27-2015
08:47 AM
Hello,
We're trying to build a Site to Site VPN connection with an other company. They are installing software on two of our servers (10.130.0.100 and 10.202.20.20) and they need the VPN to automatically transfer configuration and other files.
The VPN-link is active but we have a problem with overlapping subnets. They use subnet 10.0.1.0/24, but we also use that subnet in our network.
I have little experience implementing NAT. Is it possible to use a NAT-rule on our PA5020 that translates the 10.0.1.0/24-subnet adresses from the other company into a 10.207.218.0/23 IP? I already created a route in the PA to route traffic to 10.207.218.0/23 into the tunnel.5 interface. Can someone explain me in detail the NAT-rule (and other policies, routes) I have to create?
Thanks,
Stefan
... View more
10-07-2013
05:47 AM
Hello, We want to use wake on LAN in a vlan attached to a layer3 interface on the firewall. The magic packets are sent from a server outside the vlan to the broadcast address. I allowed WOL-packets in the firewall policies, and I see them in the logs, but the computers don't start. Do we have to configure something else in the firewall to allow ip directed broadcasts like we have to do in our cisco L3-switches? Thanks, Stefan
... View more
- Tags:
- vlan
Labels:
- Labels:
-
Configuration
-
Networking
-
Troubleshooting
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
4 weeks ago
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
