Inbound NAT Policy with Outbound PBF Causing IP-Spoofing Drops
Created On 09/26/18 13:54 PM - Last Modified 06/13/23 13:44 PM
Issue
If a Policy Based Forwarding (PBF) rule is set up to route inside traffic out a primary interface, and the backup default route in the virtual router (VR) is configured with an interface, the return traffic (which is picked up by the PBF policy) may be blocked if the Spoofed IP protection option is selected in the Zone Protection Profile.
Resolution
Remove the interface from the default route (it is not a necessary option).
owner: dburns
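
The change described in the Resolution, written out as PAN-OS CLI commands with a follow-up check. This is an added example, not part of the original article; the virtual router name `default`, route name `backup-default`, interface `ethernet1/2`, next hop `198.51.100.1` and metric are constructed placeholders, and the `#` lines are annotations rather than CLI input.

```text
# Configuration mode. Before: the backup default route names an egress interface.
set network virtual-router default routing-table ip static-route backup-default destination 0.0.0.0/0 interface ethernet1/2 nexthop ip-address 198.51.100.1 metric 20

# Fix: delete only the interface leaf of that route.
# Destination, next hop and metric are left as configured.
delete network virtual-router default routing-table ip static-route backup-default interface
commit

# Operational mode. Confirm the backup default route is still installed.
show routing route type static virtual-router default

# Reproduce the inbound NAT flow, then list drop counters changed since the
# last run. Spoof-related drop entries should no longer increase.
show counter global filter delta yes severity drop | match spoof
```

The Spoofed IP protection option stays enabled in the Zone Protection Profile throughout; only the static route changes.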