Multiple options to integrate the Palo Alto Firewall into your:

  • Network
  • Layer 2 interfaces and VLAN interfaces
  • Layer 3 interfaces
  • Tap interfaces
  • Loopback and tunnel interfaces
  • HA interfaces

Type 1 - Layer 2 interfaces:

  • Allows a Trunk interface to transmit
  • Tagged VLAN's which can be assigned to VLAN interfaces
  • Can be allocated in port channels (link aggregation with LACP)

Configure a Layer2 interface with Wired-VLAN20.

Add a layer2 subinterface.

Add a Wireless-VLAN30 subinterface.

Type2 - Layer 3 interfaces:

  • Carries end-to-end Layer 3 traffic with an assigned IP address.
  • Can be allocated in port channels(link aggregation with LACP)
  • Can be sub-divided in L3 Subinterfaces.

Add a layer3 interface.

Type3 - Tunnel and loopback interfaces:

  • Used to logically assign attributes to tunnel entry/exit points
  • Loopbacks: Create always-on logical interfaces for required applications.

Configure a tunnel.

Confiture Loopback

Configure Virtual Router

Configure IPsec Tunnels here.

Typer 4 - HA(High availability interfaces):

  • Allows connectively between two Palo Alto Firewalls to establish a highly available Firewall setup
  • HA links will carry required information to build the cluster, and sync routing/configuration across the members.

Configure HA interface.

Enable HA setup.

Configure the Control Link.

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/set-up-activepassive-ha/configure-activepassive-ha

Cyber Security - Palo Alto Firewall Interface Types的更多相关文章

  1. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(3)

    LDAP Authentication and Remote Users and Groups Create Remote User Objects and LDAP Integration: sam ...

  2. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(1)

    Address Objects and Groups Creating address objects. Organizing address objects with address groups ...

  3. Cyber Security - Palo Alto Firewall V-Wires

    Leveraging V-Wires Bridge two physical connections and apply security Policies without influencing a ...

  4. Cyber Security - Palo Alto Firewall Security Zones

    Firewall Security Zones Zones: The foundational aspect of every Firewall. Police network traffic Enf ...

  5. Cyber Security - Palo Alto Firewall Objects Addresses, Services, and Groups(2)

    Users Objects and Groups Creating local user objects. Creating local user groups. https://docs.paloa ...

  6. Cyber Security - Palo Alto Basic Introduction

    Preparation of the Lab Environment: Download and Install Pan-OS from the following website https://d ...

  7. Cyber Security - Palo Alto Security Policies(2)

    Task 3 The SOC(Security Operation Center) monitoring team dashboard reported more 1,000 requests to ...

  8. Cyber Security - Palo Alto Security Policies(1)

    Security policies: Enforcing network traffic by configuring rules of what is allowed or denied to co ...

  9. Palo Alto GlobalProtect上的PreAuth RCE

    0x00 前言 SSL VPN虽然可以保护企业资产免受互联网被攻击的风险影响,但如果SSL VPN本身容易受到攻击呢?它们暴露在互联网上,可以可靠并安全地连接到内网中.一旦SSL VPN服务器遭到入侵 ...

随机推荐

  1. 一文梳理JavaScript 事件循环(Event Loop)

    事件循环(Event Loop),是每个JS开发者都会接触到的概念,但是刚接触时可能会存在各种疑惑. 众所周知,JS是单线程的,即同一时间只能运行一个任务.一般情况下这不会引发问题,但是如果我们有一个 ...

  2. cb18a_c++_修改string对象的方法

    cb18a_c++_修改string对象的方法s.insert(p,t)s.insert(p, 'A'); //迭代器前插入As.insert<p,n,t)s.insert(p, 3, 'B') ...

  3. 循序渐进VUE+Element 前端应用开发(11)--- 图标的维护和使用

    在VUE+Element 前端应用中,图标是必不可少点缀界面的元素,因此整合一些常用的图标是非常必要的,还好Element界面组件里面提供了很多常见的图标,不过数量不是很多,应该是300个左右吧,因此 ...

  4. Java并发编程-深入Java同步器AQS原理与应用-线程锁必备知识点

    并发编程中我们常会看到AQS这个词,很多朋友都不知道是什么东东,博主经过翻阅一些资料终于了解了,直接进入主题. 简单介绍 AQS是AbstractQueuedSynchronizer类的缩写,这个不用 ...

  5. 谁再悄咪咪的吃掉异常,我上去就是一 JIO

    又到周末了,周更选手申请出站~ 这次分享一下上个月碰到的离奇的问题.一个简单的问题,硬是因为异常被悄咪咪吃掉,过关难度直线提升,导致小黑哥排查一个晚上. 这个美好的晚上,本想着开两把 LOL 无限火力 ...

  6. SpringCloud 入门(一)

    本人也是刚接触springcloud,现在先将创建项目的过程记录下来,springcloud的理解日后再慢慢补齐,最好还是自己参考官方文档的介绍 使用工具:IDEA IDEA创建springcloud ...

  7. TCP端口扫描类型-隐蔽扫描和僵尸扫描

    TCP扫描有三种类型:全连接扫描,隐蔽扫描,僵尸扫描.全连接扫描无须赘述. 隐蔽扫描:发送完SYN数据包以及收到SYN/ACK数据包后不再发送SCK数据包,由于没有建立完整的TCP连接,所以在目标主机 ...

  8. 四层发现-UDP发现

    udp发现要注意选择一个不常用的端口,如果目标ip在up时目标端口是开放状态,那么不管目标ip是否为up状态,都不会收到任何回应,只有在目标ip为down状态且目标端口为关闭状态,才会返回一个目标不可 ...

  9. 搜索引擎-SHODAN

    shodan这个搜索引擎不会爬取网页内容,而是爬取所有的联网设备. 这个搜索引擎还是很强大的,下图就是我用shodan查自己的案例服务器的结果: 如图,可以查到这台服务器安装了wdcp管理面板,黑客完 ...

  10. Nginx基本知识,nginx安装使用方法

    Nginx 是一款高性能的Web服务器软件. - 具有极高的并发性能 - 利用Nginx与Tomcat组合使用, 搭建反向代理集群 - Nginx 反向代理集群可以解决网站的高并发问题! 1.安装 Y ...