Have a Question?
< All Topics
Print

How to Configure Inbound NAT in Palo Alto PA-VM

Posted
Updated
ByYongKW

Steps on how to configure Inbound NAT in Palo Alto PA-VM

Same components are used from Initial Setup of Palo Alto PA-VM on Hyper-V

Creating New Firewall Objects

Create a new IP Netmask object in Object – Addresses

  • INFO-EX13 – IP Netmask – 192.168.1.201/32
  • INFO-EX13-PublicIP – IP Netmask – 192.168.4.49/32

configure Inbound NAT in Palo Alto PA-VM

NAT Policy

Create a New NAT Policy in Policies – NAT

Enter a Name with NAT Type = ipv4

  • Source & Destination Zone = External
  • Service = service-https or create a new Service object for custom port
  • Source Address = Any
  • Destination Address = INFO-EX13-PublicIP (Public IP of the NAT Server)

  • Translation Type = Static IP
  • Translated Address = INFO-EX13 (Internal IP)
  • Translated Port = 443 (HTTPS)

Security Policy

Create a new Security Policy in Policies – Security for inbound connection to NAT object

image-20200311000242874

Source Zone = External

Destination Address = INFO-EX13-PublicIP (Public IP but NOT Internal IP)

Add the services-https in Service/URL Category

Action – Allow

Commit all changes on PA-VM and user should be able to access INFO-EX13 Sever via https://192.168.4.49 from Internet now

Table of Contents
Scroll to Top