PaloAlto | Layer 2 Deployment Model-1

 Layer 2 Deployment:

• PalAltNetworks Next Generation Firewall can alsbe deployed in Layer 2 mode.
• Layer 2 mode switching is performed between twor more network segments.
• In this mode, PA is configured tperform switching in twor more network segments.
• In Layer 2 Deployment traffic traversing the firewall is examined, as per policies.
• This mode, providing increased security and visibility within the internal network.
• In Layer 2 deployment, the firewall interfaces are capable of supporting Access Link.
• In Layer 2 deployment, the firewall interfaces are capable of supporting Trunk Links.
• In Layer 2 deployment, firewall dnot participate in the Spanning Tree topology.
• Any BPDUs received on the firewall interfaces are directly forwarded tswitch.
• Routing traffic between VLAN networks or other networks can be achieved.
• In Layer 2 deployment, Routing traffic can be achieved via a default Gateway.
• Default Gateway is usually a Layer 3, switch supporting InterVLAN routing.
• Default Gateway can be Firewall security appliance, or Router-on-a-Stick design.
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  1. Network-> Zone->Add Name of the zone in our case name: Servers , Type : Should be Layer2. Click OK.
  
  
  
  
  
  
  
  
  
  
  
  
  2. Create a VLAN interface to be used by the physical interfaces we will set to Layer 2. go to
  Network-> VLANs->Add, create new one by clicking the Add button Name VLAN100 & click OK.
  
  

 






3.- Going to set interfaces ethernet1/1  adn Ethernet1/2 Layer2 and set VLAN100. Select Zone: LAN create earlier and click OK. 
- Going to set interfaces ethernet1/2  adn Ethernet1/2 Layer2 and set VLAN100. Select Zone: Server create earlier and click OK.

4. Policies -> Security -> Add, you can use any name you want in our case LAN to Servers.
Add Source Zone – In our case its LAN, Add Destination Zone – In our case its Servers.

VERIFIKASI
:

Berbagi :