Tuesday, May 22, 2018

Palo Alto Radius Authentication Server off non-management port?

Labbing this up in prep for new role.

I've configured a Palo Alto VM to authenticate via a Radius Server. The Radius Server is not located off the management port; rather, it's what I've designated as "inside".

Radius Authentication is failing, and upon checking a pcap I can see that the Palo is looking for the Radius Server off its management port, even though the subnet is off a different interface.

Am I misunderstanding something with this? Should the Radius server be located off the management server instead?

Also, I have noticed that if I do not specify a source when pinging anything on the inside LAN from the FW, it will send the ARP requests down the management interface as well. Is this to be expected?


