Hi all,
I'm currently setting up a location with dual ISPs for redundancy's sake and as such I've went down the route of utilising PBF for failover but I'm having what I believe are NAT issues.
Currently, with PBF, traffic goes from Eth1/2 to Eth1/1 which is inside to outside. All is well.
When I fail over to let my routing table take over, outside traffic is supposed to leave through Eth1/4 but I believe it's still NATing traffic through Eth1/2; if I remove the NAT rule from Eth1/1 to Eth1/2, traffic starts flowing as intended through Eth1/4.
I feel like I'm missing a step but the documentation on Palo Alto's website is quite straight forward: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/policy/policy-based-forwarding/use-case-pbf-for-outbound-access-with-dual-isps.html
Has anyone ran into this issue before and could possibly help?
Many thanks.
Edit: To add, this is all on the same virtual router.
No comments:
Post a Comment