Setting up and troubleshooting Palo Alto U-Turn NAT with multiple Virtual Router Instances

At times you may encounter a need to have U-Turn NAT in place on your firewall to allow internal devices to access resources you host (Such as a web-server) in the same Datacenter, by using their public address. Palo Alto has a great KB article here on the subject.  Setting this up is a significant amount of work when used in a environment that is designed for multi-tenancy through the use of Virtual Routers on the PA Firewall. Below are some of my challenges and solutions. Continue reading “Setting up and troubleshooting Palo Alto U-Turn NAT with multiple Virtual Router Instances”

Share this content: