SD-WAN Administration
  • SD-WAN Administration
  • SD-WAN Documentation
  • All Documentation
>
Enable Segmentation with Multiple Virtual Routers for Overlapping Subnets
Focus
Download PDF
Focus
  1. Home
  2. SD-WAN
  3. Enable Segmentation with Multiple Virtual Routers for Overlapping Subnets
Download PDF
SD-WAN

Enable Segmentation with Multiple Virtual Routers for Overlapping Subnets

Table of Contents

Enable Segmentation with Multiple Virtual Routers for Overlapping Subnets

The multiple virtual router support for SD-WAN feature enables you to segment your network into multiple virtual routing domains on a single Palo Alto Networks Next-Generation Firewall.
Where Can I Use This?What Do I Need?
  • NGFW
The multiple virtual router support on SD-WAN enables you to segment your network into multiple virtual routing domains on a single Palo Alto Networks Next-Generation Firewall. This capability allows you to create isolated network environments, each with its own routing table, interfaces, and policy rules. With multiple virtual router support, you can efficiently manage complex network architectures, improve security through network isolation, and simplify your overall network design. This feature is useful for service providers, large enterprises, and organizations with strict compliance requirements that need to maintain separation between different departments, customers, or applications. With multiple virtual router support, you can optimize your network resources, reduce hardware costs, and gain greater flexibility in managing diverse network segments all within a single physical appliance. With this feature, you can expand your network, enhance security, and easily manage your network while meeting the demands of today's complex networking environments.
Multiple virtual routers offer several key benefits for your network. By implementing multiple virtual routers, you can:
  • segment your network into isolated routing domains on a single physical firewall. This allows you to create separate network environments for different departments, customers, or applications.
  • improve security through network isolation. You can prevent unauthorized access between segments by controlling the traffic between virtual routers.
  • manage complex network architectures with flexibility. You can have separate routing tables, interfaces, and policy rules for each virtual router.
  • optimize network resources and reduce hardware costs by consolidating multiple logical networks onto a single physical appliance.
  • expand your network by adding new network segments without requiring additional physical firewalls.
  • enable multitenant environments where each tenant can have their own isolated network space for service providers and large enterprises.
Overall, virtual routers give you more granular control over your network design and traffic flow while improving security, efficiency, and manageability.
(SD-WAN plugin 3.0.7 and later versions) (SD-WAN plugin 3.2.1 and later versions) You can configure multiple virtual routers on SD-WAN hub firewalls.
Beginning with SD-WAN plugin 3.3.1 release, you can also configure multiple virtual routers on SD-WAN branch firewalls.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.

xThanks for visiting https://docs.paloaltonetworks.com. To improve your experience when accessing content across our site, please add the domain to the allow list on your ad blocker application.