This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About mxe2fmk
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About mxe2fmk
05-22-2020
5Posts
0Likes
0Solutions
May 22, 2020Last Visited
User
Activity
User
Profile
Latest posts by mxe2fmk
| Subject | Views | Posted |
|---|---|---|
| 3997 | 03-23-2020 12:13 PM | |
| 4003 | 03-23-2020 12:07 PM | |
| 4081 | 03-23-2020 12:01 PM | |
| 4218 | 03-22-2020 07:39 AM | |
| 2348 | 02-22-2020 04:16 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 02-19-2018 12:59 PM |
| Date Last Visited | 05-22-2020 05:39 AM |
| Posts | 5 |
03-23-2020
12:13 PM
Ok, I unerstand this example. Could You please additional moment - what's about NAT rule "inside to outside"?
... View more
03-23-2020
12:07 PM
Only one NAT rule name: NATbase src zone: inside dst zone: outside dest int: eth1/1 src addr: any dst addr: any service: any src translation: dynamic-ip-port, eth1/1 , outside_ip
... View more
03-23-2020
12:01 PM
I found out that U-turn NAT is possible scenario for one-zone ( inside ), and isn't for using with inside-dmz pair.
... View more
03-22-2020
07:39 AM
Hi there. I have a PA-200. Internal net is 192.168.0.0/24 eth1/2 , inside L3 interface (default gw) - 192.168.0.254 One external ip address is using for outside inteface, eth1/1. For connection to Internet I typically use pair inside-outside with: 1. NAT : dynamic-ip-and-port to outside interface address nat-rule 2. Security policy "allow from inside to outside , any dest address" Now, I need provide access for FTP-Server. I created DMZ interface eth1/3 - 172.16.0.254/24 FTP-Server is directly-connected to DMZ-port and has ip 172.16.0.1 For this scenario i created 1. NAT : bi-directional between FTP-Server and Outside . 2. Security policy for Outside and DMZ. What I can do as next step for provide connection between inside and DMZ? I create security policy allow inside-dmz (to 172.16.0.0/24) and dmz-inside (to 192.168.0.0/24) If i do ping 172.16.0.1 from 192.168.0.1 than i see that all packets are matching to first NAT-rule "inside to outside" and that is wrong way. What is wrong in my steps? How I can exclude traffic from "default "NAT-rule. Althought I tryed create no-nat rule than it do not work. Thank for help.
... View more
02-22-2020
04:16 AM
Good day! Who know and can help: Is scenario when it is working NGFW PA-220, LocalUser , GlobalProtect and Duo 2FA (without AD, RADIUS, LDAP etc.) for small users group (like 10 members vpn)? I believe in that very simple way, but didn't found out information about it, and configuration example. https://community.duo.com/t/paloalto-globalprotect-portal-with-duo-and-localuser-scenario-without-ad/6315 https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-multi-factor-authentication.html https://help.duo.com/s/article/4254?language=en_US https://www.reddit.com/r/paloaltonetworks/comments/9uq5os/globalprotect_and_duo_native_mfa/ Thanks.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-22-2020
05:39 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks