Hello Guys,
I have a question about NAT, is it possible to publish complete private networks (mask /24) through a public IP without having to publish a host with a specific port (NAT-PAT)?
I havent found PAN documentation that is possible to do this.
Any comments is good.
Regards.
whenever you configure a NAT rule, the firewall will perform proxy ARP for whatever IP you put in the original destination field. so if you feel like attaching a /24 private subnet to a public interface, without adding an IP in that range to the interface, the firewall will proxy-arp for the entire range (do make sure you set a destination interface in the NAT rule, else the firewall will spam ARP out of all it's interfaces for that subnet)