Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About mxe2fmk
About mxe2fmk
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Monday
Ok, I unerstand this example. Could You please additional moment - what's about NAT rule "inside to outside"?
... View more
Monday
Only one NAT rule name: NATbase src zone: inside dst zone: outside dest int: eth1/1 src addr: any dst addr: any service: any src translation: dynamic-ip-port, eth1/1 , outside_ip
... View more
Monday
I found out that U-turn NAT is possible scenario for one-zone ( inside ), and isn't for using with inside-dmz pair.
... View more
a week ago
Hi there. I have a PA-200. Internal net is 192.168.0.0/24 eth1/2 , inside L3 interface (default gw) - 192.168.0.254 One external ip address is using for outside inteface, eth1/1. For connection to Internet I typically use pair inside-outside with: 1. NAT : dynamic-ip-and-port to outside interface address nat-rule 2. Security policy "allow from inside to outside , any dest address" Now, I need provide access for FTP-Server. I created DMZ interface eth1/3 - 172.16.0.254/24 FTP-Server is directly-connected to DMZ-port and has ip 172.16.0.1 For this scenario i created 1. NAT : bi-directional between FTP-Server and Outside . 2. Security policy for Outside and DMZ. What I can do as next step for provide connection between inside and DMZ? I create security policy allow inside-dmz (to 172.16.0.0/24) and dmz-inside (to 192.168.0.0/24) If i do ping 172.16.0.1 from 192.168.0.1 than i see that all packets are matching to first NAT-rule "inside to outside" and that is wrong way. What is wrong in my steps? How I can exclude traffic from "default "NAT-rule. Althought I tryed create no-nat rule than it do not work. Thank for help.
... View more
02-22-2020
04:16 AM
Good day! Who know and can help: Is scenario when it is working NGFW PA-220, LocalUser , GlobalProtect and Duo 2FA (without AD, RADIUS, LDAP etc.) for small users group (like 10 members vpn)? I believe in that very simple way, but didn't found out information about it, and configuration example. https://community.duo.com/t/paloalto-globalprotect-portal-with-duo-and-localuser-scenario-without-ad/6315 https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-multi-factor-authentication.html https://help.duo.com/s/article/4254?language=en_US https://www.reddit.com/r/paloaltonetworks/comments/9uq5os/globalprotect_and_duo_native_mfa/ Thanks.
... View more
yesterday
5Posts
0Likes
0Solutions
Mar 28, 2020Last Visited
User
Activity
User
Profile
Latest posts by mxe2fmk
| Subject | Views | Posted |
|---|---|---|
| 167 | Monday | |
| 173 | Monday | |
| 182 | Monday | |
| 310 | a week ago | |
| 229 | 02-22-2020 04:16 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 1 | |||
| 1 |
User Badges
Public Statistics
| Date Registered | 02-19-2018 12:59 PM |
| Date Last Visited | yesterday |
| Total Messages Posted | 5 |
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
yesterday
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
