To configure LLDP and create an LLDP profile, you must be a superuser or device administrator (deviceadmin). A firewall interface supports a maximum of five LLDP peers.
- Enable LLDP on the firewall.Select NetworkLLDP and edit the LLDP General section; select Enable.
Change LLDP global settings.
- For Transmit Interval (sec), specify the interval (in seconds) at which LLDPDUs are transmitted. Default: 30 seconds. Range: 1-3600 seconds.
- For Transmit Delay (sec), specify the delay time (in seconds) between LLDP transmissions sent after a change is made in a TLV element. The delay helps to prevent flooding the segment with LLDPDUs if many network changes spike the number of LLDP changes, or if the interface flaps. The Transmit Delay must be less than the Transmit Interval. Default: 2 seconds. Range: 1-600 seconds.
- For Hold Time Multiple, specify a value that is multiplied by the Transmit Interval to determine the total TTL Hold Time. Default: 4. Range: 1-100. The maximum TTL Hold Time is 65535 seconds, regardless of the multiplier value.
- For Notification Interval, specify the interval (in seconds) at which LLDP Syslog Messages and SNMP Traps are transmitted when MIB changes occur. Default: 5 seconds. Range: 1-3600 seconds.
- Click OK.
- Create an LLDP profile.For descriptions of the optional TLVs, see Supported TLVs in LLDP.
- Select NetworkNetwork ProfilesLLDP Profile and Add a Name for the LLDP profile.
- For Mode, select transmit-receive (default), transmit-only, or receive-only.
- Select SNMP Syslog Notification to enable SNMP notifications and syslog messages. If enabled, the global Notification Interval is used. The firewall will send both an SNMP trap and a syslog event as configured in the DeviceLog SettingsSystemSNMP Trap Profile and Syslog Profile.
- For Optional TLVs, select the TLVs you want transmitted:
- Port Description
- System Name
- System Description
- System Capabilities
- (Optional) Select Management Address to add one or more management addresses and Add a Name.
- Select the Interface from which to obtain the management address. At least one management address is required if Management Address TLV is enabled. If no management IP address is configured, the system uses the MAC address of the transmitting interface as the management address TLV.
- Select IPv4 or IPv6, and in the adjacent field, select an IP address from the drop-down (which lists the addresses configured on the selected interface), or enter an address.
- Click OK.
- Up to four management addresses are allowed. If you specify more than one Management Address, they will be sent in the order they are specified, starting at the top of the list. To change the order of the addresses, select an address and use the Move Up or Move Down buttons.
- Click OK.
- Assign an LLDP profile to an interface.
- Select NetworkInterfaces and select the interface where you will assign an LLDP profile.
- Select AdvancedLLDP.
- Select Enable LLDP to assign an LLDP profile to the interface.
- For Profile, select the profile
you created. Selecting None enables LLDP
with basic functionality: sends the three mandatory TLVs and enables transmit-receive mode.If you want to create a new profile, click LLDP Profile and follow the instructions steps above.
- Click OK.
- Commit your changes.Click Commit.
Building Blocks of LLDP
Building Blocks of LLDP To enable LLDP on the firewall, click Edit, click Enable , and optionally configure the four settings shown in the following ...
Network > Network Profiles > LLDP Profile
Network > Network Profiles > LLDP Profile A Link Layer Discovery Protocol (LLDP) profile is the way in which you configure the LLDP mode of ...
View LLDP Settings and Status
View LLDP Settings and Status Perform the following procedure to view LLDP settings and status. View LLDP global settings. Select Network LLDP . On the ...
LLDP Palo Alto Networks firewalls support Link Layer Discovery Protocol (LLDP), which functions at the link layer to discover neighboring devices and their capabilities. LLDP ...
LLDP Syslog Messages and SNMP Traps
LLDP Syslog Messages and SNMP Traps The firewall stores LLDP information in MIBs, which an SNMP Manager can monitor. If you want the firewall to ...
Supported TLVs in LLDP
Supported TLVs in LLDP LLDPDUs include mandatory and optional TLVs. The following table lists the mandatory TLVs that the firewall supports: Mandatory TLVs TLV Type ...
LLDP Overview LLDP operates at Layer 2 of the OSI model, using MAC addresses. An LLDPDU is a sequence of type-length-value (TLV) elements encapsulated in ...
PA-7000 Series Layer 3 Interface
PA-7000 Series Layer 3 Interface Network > Interfaces > Ethernet To configure a Layer 3 interface, click the name of an Interface (ethernet1/1, for example) ...
IKE Gateway Advanced Options Tab
IKE Gateway Advanced Options Tab Network > Network Profiles > IKE Gateways > Advanced Options Configure advanced IKE gateway settings such as passive mode, NAT ...