How to Configure NAT Multiple IP Pools and Allow Traffic

How to Configure NAT Multiple IP Pools and Allow Traffic

0
Created On 09/25/18 17:52 PM - Last Modified 07/19/22 23:07 PM


Resolution


Details

To NAT another IP Pool provided by an ISP and allow traffic

  1. Set up a loopback interface with an IP from the new IP pool.
  2. Set up the loopback interface in the same zone as the external interface.
  3. Set up a security policy to allow traffic to loopback interface external IP.

Note: The internal logic for Palo Alto Networks firewall is to do a forwarding lookup prior to NAT policy evaluation. Therefore, it is necessary to assign an IP to the loopback interface before the NAT policy can take effect.

owner: ukhapre
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClLBCA0&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail