I am new to the Palo Azure environment. I have everything set up with 4 Palo VM instances between an external and internal load balancer. I am having an issue with NAT where traffic from the outside will not route to my internal VNETs unless it is first Source NATed to the internal interfaces of the firewalls. The source IP needs to be retained for security reasons on the proxy and with it only logging the internal interfaces of the firewalls I cannot implement proper policy. When I set the source NAT to "none" I can see the sessions on the firewall and they show that the traffic is doing exactly what it should but nothing ever reaches the proxy. We have even gone as far as to move the proxy to the same subnet as the internal interfaces of the firewall. I am not sure if I am running up against some asymetrical routing or something else.
Any help with this would be greatly appreciated. Thanks in advance.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!