PaloAlto | Virtual Wire (V-Wire) Deployment

Virtual Wire (V-Wire) Deployment:

• Virtual Wire, alsknown as V-Wire, deployment options use Virtual Wire interfaces.
• Virtual Wire is alsreferred tas a “Bump in the Wire” of “Transparent In-Line”.
• Virtual Wire logically binds twEthernet interfaces together, allowing all traffic tpass.
• Virtual Wire mode pairing a set of twphysical interfaces or ports inta single set.
• Virtual Wire can be inserted intan existing topology without requiring any changes.
• Virtual Wire deployment can be easily inserted tthe existing network topology.
• Other vendors such as ciscoffers the same feature better known as transparent firewall.
• Install firewall transparently on network segment by binding twfirewall ports together.
• Virtual Wire logically connects twinterfaces; Virtual Wire is internal tthe firewall.
• Each virtual wire interface is directly connected tLayer 2 or 3 networking device or host.
• The Virtual Wire interfaces have nLayer 2 or Layer 3 Internet Protocol addresses.
• When V-Wire interfaces receives frame or packet, it ignores any Layer 2 or 3 addresses.
• The V-Wire deployment options overcome the limitations of TAP mode deployment.
• In Virtual Wire, mode engineers can monitor and control traffic traversing the link.
• A Virtual Wire interface supports App-ID, User-ID, Content-ID, NAT and decryption.

1. Virtual Wire

2. Zone

3. Interface

4. Policies

Konfigurasi Router R-INET
conf t
hostname R1
interface eth0/0
ip address 192.168.1.254 255.255.255.0
no shutdown
ip nat inside
exit
!
interface eth0/1
ip address 10.0.137.254 255.255.255.0
no shutdown
ip nat outside
exit
!
ip nat inside source list 1 interface eth0/1 overload
!
access-list 1 permit any
!
interface loopback 1
ip address 8.8.8.8 255.255.255.255
exit
!
ip route 0.0.0.0 0.0.0.0 10.0.137.1
!
ip http server
ip http secure-server
ip http authentication local
!
line vty 0 4
password 123
transport input all
exit
!
username admin privilege 15 password 123
!
Verifikasi: Ping dan akses Zone LAN

Berbagi :