All Palo Alto Networks® next-generation firewalls provide a flexible networking architecture that includes support for dynamic routing, switching, and VPN connectivity, and enables you to deploy the firewall into nearly any networking environment.

Networking is the fundamental building block of the firewalls because they must be able to receive data, process it, and forward it. When configuring the Ethernet ports on your firewall, you can choose from tap, virtual wire, Layer2, Layer 3, AE, and cellular interface deployments. In addition, to allow you to integrate into a variety of network segments, you can configure different types of interfaces on different ports.

To begin networking, you should first access the Getting Started topic in the PAN-OS^® Administrator's Guide. There you learn about segmenting your network and you Configure Interfaces and Zones; that initial task illustrates how to configure Layer 3 interfaces to connect to the internet, your internal network, and your data center applications.

This PAN-OS Networking Administrator's Guide elaborates on that information with topics on how to configure tap, virtual wire, Layer 2, Layer 3, AE, and cellular interfaces. After configuring your network interfaces, you can Export Configuration Table Data as a PDF or CSV for internal review or audits.

This guide also explains how the firewall supports multiple virtual routers to obtain Layer 3 routes to other subnets and to maintain separate sets of routes. The remaining topics describe static routes, dynamic routing protocols, and the major features that support networking on the firewall.