The outside interface of the ASA is a private segment (192.x.x.x) and the load balancer is terminated with the public IP of 14.x.x.x. The interesting traffic is in 172.x.x.x on the ASA and 10.x.x.x on the Palo Alto. The ASA is behind the load balancer FortiWAN (NAT) device.
The tunnel didn't come up. During a remote troubleshooting session, the peer end (Palo Alto) says they are expecting the phase traffic as well from exactly the same public IP address (14.x.x.x), not in the same segment but the same IP.
The questions are:
1. Is this possible? If yes, how?
2. I have many tunnels with the proposal of my local gateway as 14.x.x.x. If I NAT the private address to the public IP 14.x.x.x, will it collapse all the other tunnels?
3. I have public WAN pool addresses 14.x.x.1, 14.x.x.2, etc. Can I use one of those IPs to NAT my private IPs and give it to the peer end?
4. During debug, the peer end says they are getting phase 2 traffic from 192.x.x.x (the ASA's outside interface IP). What might be the issue?