Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am trying to setup an originate-only vpn tunnel with a Palo Alto firewall. The remote admin has created a private ip for me to setup an acl and pass traffic. I have setup the asa correctly (I think) yet, I am still getting this in the asa log and...
I am setting up a l2l tunnel with a palo alto firewall and having trouble. It is a fairly simple setup, we are encrypting public to public traffic for sftp upload from the asa side. Here are the relevant parts of the config and various outputs... ...
I have a 10x10mb ethernet handoff connected directly to a pix 515(os 8.03 16m flash 128m dram). The performance is really bad on the download side, I'm talking 4.5 to 6mb of 10 on a consistent basis. I know it is the pix because when connected dire...
Attempting to setup a site to site vpn between a pix 515e and ASA 5505. The tunnel comes up on both ends but passes no traffic. The nat weirdness is happening on the internet router on the asa side, the serial link to the internet is privately addr...
Just as an FYI... The tunnel would not connect using the policy nat until the "originate only" setting on the connection profile was turned to bi-directional. Not sure why this would be but, that was the case.
Looks like the nat is not working. Packet trace shows traffic going through the policy nat pool but. sh xlate does not have an item for global (outside) 2
Hello Manish,You are correct. The asa public interface is both the vpn endpoint and the global nat ip for the internal users. Thanks for the help and suggestions.Eric
Thanks Lee and ManishI have no access to the palo alto logs. I am working with the admin at the other end and this is what he said. I used the real ip's because it was getting too confusing... I figured out what is wrong. It didn’t click at first...
