Hi, I'm going to migrate a Juniper SRX firewall with a Palo Alto VM-500 firewall. The case: The Juniper firewall is configured with multiple virtual routers. Between this routers we can static NAT subnets. As showed in the picture below, we have 2 virtual routers. If Subnet 192.168.1.0/24 behind VR A should reach Subnet 192.168.2.0/24 behind VR B, we have a static NAT from zone A that NAT'ing 172.16.2.0/24<->192.168.2.0/24 to VR B. You can then use 172.16.2.x from VR A to reach the 192.168.2.x in VR B. This is done because of a subnet overlap (192.168.2.0/24 in VR A is bound to a VPN tunnel) How can I solve this in the Palo Alto?
... View more