Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
About mxe2fmk
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About mxe2fmk
05-22-2020
5Posts
0Likes
0Solutions
May 22, 2020Last Visited
User
Activity
User
Profile
Latest posts by mxe2fmk
| Subject | Views | Posted |
|---|---|---|
| 2107 | 03-23-2020 12:13 PM | |
| 2113 | 03-23-2020 12:07 PM | |
| 2122 | 03-23-2020 12:01 PM | |
| 2250 | 03-22-2020 07:39 AM | |
| 1290 | 02-22-2020 04:16 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 02-19-2018 12:59 PM |
| Date Last Visited | 05-22-2020 05:39 AM |
| Posts | 5 |
03-23-2020
12:13 PM
Ok, I unerstand this example. Could You please additional moment - what's about NAT rule "inside to outside"?
... View more
03-23-2020
12:07 PM
Only one NAT rule name: NATbase src zone: inside dst zone: outside dest int: eth1/1 src addr: any dst addr: any service: any src translation: dynamic-ip-port, eth1/1 , outside_ip
... View more
03-23-2020
12:01 PM
I found out that U-turn NAT is possible scenario for one-zone ( inside ), and isn't for using with inside-dmz pair.
... View more
03-22-2020
07:39 AM
Hi there. I have a PA-200. Internal net is 192.168.0.0/24 eth1/2 , inside L3 interface (default gw) - 192.168.0.254 One external ip address is using for outside inteface, eth1/1. For connection to Internet I typically use pair inside-outside with: 1. NAT : dynamic-ip-and-port to outside interface address nat-rule 2. Security policy "allow from inside to outside , any dest address" Now, I need provide access for FTP-Server. I created DMZ interface eth1/3 - 172.16.0.254/24 FTP-Server is directly-connected to DMZ-port and has ip 172.16.0.1 For this scenario i created 1. NAT : bi-directional between FTP-Server and Outside . 2. Security policy for Outside and DMZ. What I can do as next step for provide connection between inside and DMZ? I create security policy allow inside-dmz (to 172.16.0.0/24) and dmz-inside (to 192.168.0.0/24) If i do ping 172.16.0.1 from 192.168.0.1 than i see that all packets are matching to first NAT-rule "inside to outside" and that is wrong way. What is wrong in my steps? How I can exclude traffic from "default "NAT-rule. Althought I tryed create no-nat rule than it do not work. Thank for help.
... View more
02-22-2020
04:16 AM
Good day! Who know and can help: Is scenario when it is working NGFW PA-220, LocalUser , GlobalProtect and Duo 2FA (without AD, RADIUS, LDAP etc.) for small users group (like 10 members vpn)? I believe in that very simple way, but didn't found out information about it, and configuration example. https://community.duo.com/t/paloalto-globalprotect-portal-with-duo-and-localuser-scenario-without-ad/6315 https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-multi-factor-authentication.html https://help.duo.com/s/article/4254?language=en_US https://www.reddit.com/r/paloaltonetworks/comments/9uq5os/globalprotect_and_duo_native_mfa/ Thanks.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-22-2020
05:39 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2021 - Palo Alto Networks
