Palo Alto: How to Implement a Virtual Wire between trunked interfaces

When implementing a Virtual Wire between trunked interfaces:

  1. Specify which Tags are allowed to pass through the Virtual Wire:Network Tab > Virtual WiresSelect the Virtual Wire
  2. There is an option called Tag Allowed which by default, only permits 0 (untagged traffic).  If you have VLAN’s 2, 3, 4, 5, etc…, they will need to be included with Tag Allowed, otherwise tagged traffic will not be permitted.
  3. An easy option is to permit Tags 0-4094, though the recommended option would be to specify only the required tags. The Palo Alto Networks device will consume a logical interface for each tag specified on each Virtual Wire, though this would be more resource related than performance impacting.

Image

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s