PAN-OS 9.0 supports new networking features.
- Security Group Tag (SGT) Ethertype Support
- FQDN Refresh Enhancement
- GRE Tunneling Support
- Wildcard Address Support in Security Policy Rules
- Hostname Option Support for DHCP Clients
- FQDN Support for Static Route Next Hop, PBF Next Hop, and BGP Peer
- Dynamic DNS Support for Firewall Interfaces
- HA1 SSH Key Refresh
- Advanced Session Distribution Algorithms for Destination NAT
- VXLAN Tunnel Content Inspection
- (Available in PAN-OS 9.0.2 and later 9.0 Releases) DNS Rewrite for Destination NAT
Describes all the exciting new capabilities in PAN-OS® 9.0 for the VM-Series firewall. ...
Destination NAT with DNS Rewrite Use Cases
The destination NAT topology with a DNS Server and the DNS response determine how you configure DNS Rewrite (in the reverse or forward direction). ...
FQDN Support for Static Route Next Hop, PBF Next Hop, and BGP Peer
You can use an FQDN in a static route next hop, a policy-based forwarding (PBF) next hop, or a BGP peer address. ...
VXLAN Tunnel Content Inspection
Configure tunnel content inspection to scan traffic within a VXLAN tunnel. ...
DNS Rewrite for Destination NAT
Create a destination NAT policy rule for static translation that also rewrites the IPv4 address in a DNS response based on the NAT rule. ...
Configure Destination NAT with DNS Rewrite
Create a destination NAT policy rule for static translation that also rewrites the IPv4 address in a DNS response based on the original or translated ...
Building Blocks in a Tunnel Inspection Policy
Building Blocks in a Tunnel Inspection Policy Select Policies Tunnel Inspection to add a Tunnel Inspection policy rule. You can use the firewall to inspect ...
Destination NAT Destination NAT is performed on incoming packets when the firewall translates a destination address to a different destination address; for example, it translates ...