Multiple options to integrate the Palo Alto Firewall into your:

  • Network
  • Layer 2 interfaces and VLAN interfaces
  • Layer 3 interfaces
  • Tap interfaces
  • Loopback and tunnel interfaces
  • HA interfaces

Type 1 - Layer 2 interfaces:

  • Allows a Trunk interface to transmit
  • Tagged VLAN's which can be assigned to VLAN interfaces
  • Can be allocated in port channels (link aggregation with LACP)

Configure a Layer2 interface with Wired-VLAN20.

Add a layer2 subinterface.

Add a Wireless-VLAN30 subinterface.

Type2 - Layer 3 interfaces:

  • Carries end-to-end Layer 3 traffic with an assigned IP address.
  • Can be allocated in port channels(link aggregation with LACP)
  • Can be sub-divided in L3 Subinterfaces.

Add a layer3 interface.

Type3 - Tunnel and loopback interfaces:

  • Used to logically assign attributes to tunnel entry/exit points
  • Loopbacks: Create always-on logical interfaces for required applications.

Configure a tunnel.

Confiture Loopback

Configure Virtual Router

Configure IPsec Tunnels here.

Typer 4 - HA(High availability interfaces):

  • Allows connectively between two Palo Alto Firewalls to establish a highly available Firewall setup
  • HA links will carry required information to build the cluster, and sync routing/configuration across the members.

Configure HA interface.

Enable HA setup.

Configure the Control Link.

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/set-up-activepassive-ha/configure-activepassive-ha

Cyber Security - Palo Alto Firewall Interface Types的更多相关文章

  1. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(3)

    LDAP Authentication and Remote Users and Groups Create Remote User Objects and LDAP Integration: sam ...

  2. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(1)

    Address Objects and Groups Creating address objects. Organizing address objects with address groups ...

  3. Cyber Security - Palo Alto Firewall V-Wires

    Leveraging V-Wires Bridge two physical connections and apply security Policies without influencing a ...

  4. Cyber Security - Palo Alto Firewall Security Zones

    Firewall Security Zones Zones: The foundational aspect of every Firewall. Police network traffic Enf ...

  5. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(2)

    Users Objects and Groups Creating local user objects. Creating local user groups. https://docs.paloa ...

  6. Cyber Security - Palo Alto Basic Introduction

    Preparation of the Lab Environment: Download and Install Pan-OS from the following website https://d ...

  7. Cyber Security - Palo Alto Security Policies(2)

    Task 3 The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to ...

  8. Cyber Security - Palo Alto Security Policies(1)

    Security policies: Enforcing network traffic by configuring rules of what is allowed or denied to co ...

  9. Palo Alto GlobalProtect上的PreAuth RCE

    0x00 前言 SSL VPN虽然可以保护企业资产免受互联网被攻击的风险影响,但如果SSL VPN本身容易受到攻击呢?它们暴露在互联网上,可以可靠并安全地连接到内网中.一旦SSL VPN服务器遭到入侵 ...

随机推荐

  1. 国外的教授都说,用这个方式21天就能学会python,这是中国速度

    你尝试过吗?按照这个方式,用21天就能学会python编程.     在今年的疫情期间,在家的时间何止21天,有这样一位做财务的朋友,为了提高自己的数据分析能力,在家通过这个方式,跟着21天的规划,坚 ...

  2. Swagger之外的选择

    今天给大家安利一款接口文档生成器--JApiDocs. swagger想必大家都用过吧,非常方便,功能也十分强大.如果要说swaager有什么缺点,想必就是注解写起来比较麻烦.如果我说有一款不用写注解 ...

  3. 面试题64:求 1 + 2 + ... + n

    这道题目条件限制严格,需要发散思维...但是作者是以 C++ 语言特性来做讲解的,对于 Java 狗只能说稍微有点参考意义吧!

  4. git merge整理

    ========================================================== git bash merge 一.开发分支(dev)上的代码达到上线的标准后,要合 ...

  5. disruptor架构三 使用场景更加复杂的场景

    先c1和c2并行消费生产者产生的数据,然后c3再消费该数据 我们来使用代码实现:我们可以使用Disruptor实例来实现,也可以不用产生Disruptor实例,直接调用RingBuffer的api来实 ...

  6. 如何修改linux下tomcat指定的jdk路径

    一般情况下,一台服务器只跑一个项目,只需根据所需项目,将linux默认的jdk环境配置好即可.某些时候一台服务器上会跑多个项目,而且各个项目需要的JDK版本各不相同,或者为了使业务独立开来,需要指定T ...

  7. C# 9.0 新特性之 Lambda 弃元参数

    阅读本文大概需要不到 1 分钟. 弃元(Discards) 是在 C# 7.0 的时候开始支持的,它是一种人为丢弃不使用的临时虚拟变量.语法上它是用来赋值的,但它却不被分配存储空间,即没有值,所以不能 ...

  8. Javascript中的"函数是第一类对象(first-class object)"

    本身这句话很好解释,函数有两个主要特点,援引自 陈新 译的<JavaScript模式>: 1.函数是第一类对象: 函数可以在运行时动态创建,还可以在程序执行过程中创建. 函数可以分配变量, ...

  9. 如何提高CSS性能?CSS优化、提高性能提升总汇

    如何提高CSS性能,根据页面的加载性能和CSS代码性能,主要表现为: 加载性能 (主要是从减少文件体积,减少阻塞加载,提高并发方面入手),选择器性能,渲染性能,可维护性.   1.尽量将样式写在单独的 ...

  10. SpringBoot01-启动类启动做了那些事情

    1.第一个步骤进入SpringApplication构造函数 public SpringApplication(ResourceLoader resourceLoader, Class<?> ...