![]() For example, a NAT policy is normally set with an original destination interface being a physical interface and IP address. The “typical” configuration of a palo alto firewall would involve an administrator binding several configuration items to a physical interface. The next step is to setup the various firewall functions to support this setup with minimal configuration. LOOPBACK IP HOW TOWe’re already seen in previous blog posts (here) how to advertise the public IP range via BGP to only one ISP peer, and only advertise to the backup peer should the primary peer become unavailable. So a typical hypothetical setup would look something like this: The customer is also normally given a subnet or public IPs which are available for their use. This is common in whichever routing protocol is used between client and ISP, even if simple static routes are used. a /30) containing a “point to point” link whose only members are the firewall and the ISP router peer. Normally, each WAN link will have a small subnet (eg. In a dual homed implementation, a network has two or more WAN links to two different POPs (point of presence) of an ISP, or separate ISPs. The most usedul scenario for explaining the use of loopback interfaces is either a ng routing setup, or a standard dual-homed implementation. Cisco folk may be more familiar with the use of loopback interfaces, so this article gives a very quick look at some of the uses of a loopback interface in a Palo Alto firewall deployment. In a dual-homed network infrastructure, loopback interfaces are a very valuable configuration option on Palo Alto firewalls. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |