Palo Alto firewall is so much easier to understand natting then using a Cisco with those ACL's when explaining it to someone. PA firewall is so straight forward once you learn the basics it's really easy to scale it up to what you want to do.
Just curious Rob if you're planning on making a video about daily best practices on like monitoring and general routines. Like I'm having a hard time wrapping my head around updating rules/custom App-ID categories and just that level of maintenance. Hopefully that makes sense. I have 2 PA-3060's at work.
Hi ROB, Thanks for your videos and sharing your knowledge with us. I have a little query maybe it maybe a dumb ques to ask but as there is a default predefined permit rule which allows traffic from going to trust to untrust zone then why there is need to create another security policy named as Internet NAT policy for that.
Hi Rob, Thanks for the video. I have a query regarding what you explained. You explained "Static" option under the Source NAT where you mentioned the bidirectional static communication between 192.168.21.63 101.0.0.63. For the traffic which originates from Inside (192.168.21.0/24) and going outside, the Source NAT modifies the source address from 192.168.21.63 --> 101.0.0.63. That part is okay. But for the traffic which is coming to 101.0.0.63 (Destination IP) and NAT'ed to 192.168.21.63, how it is "Source NAT". This looks Destination NAT. Can you please suggest how it could be Source NAT
hi rob how are you why you ignore my previous message about making a videos related to contiguous/dis-contiguous networks ? if you don`t want to do it please tell me here thanks
Palo Alto firewall is so much easier to understand natting then using a Cisco with those ACL's when explaining it to someone. PA firewall is so straight forward once you learn the basics it's really easy to scale it up to what you want to do.
Just curious Rob if you're planning on making a video about daily best practices on like monitoring and general routines. Like I'm having a hard time wrapping my head around updating rules/custom App-ID categories and just that level of maintenance. Hopefully that makes sense. I have 2 PA-3060's at work.
Hi ROB,
Thanks for your videos and sharing your knowledge with us.
I have a little query maybe it maybe a dumb ques to ask but as there is a default predefined permit rule which allows traffic from going to trust to untrust zone then why there is need to create another security policy named as Internet NAT policy for that.
Hi Rob, Thanks for the video.
I have a query regarding what you explained. You explained "Static" option under the Source NAT where you mentioned the bidirectional static communication between 192.168.21.63 101.0.0.63. For the traffic which originates from Inside (192.168.21.0/24) and going outside, the Source NAT modifies the source address from 192.168.21.63 --> 101.0.0.63. That part is okay. But for the traffic which is coming to 101.0.0.63 (Destination IP) and NAT'ed to 192.168.21.63, how it is "Source NAT". This looks Destination NAT. Can you please suggest how it could be Source NAT
Can you do a video on using virtual routers for dual ISPs. And using loopbacks for next VR
I'll see what I can do.
hi rob how are you
why you ignore my previous message about making a videos related to contiguous/dis-contiguous networks ?
if you don`t want to do it please tell me here
thanks
i didn't. you asked for a ton of subnetting breakdowns i haven't had time to do.