Configure a Shared Gateway
Perform this task if you need multiple virtual systems to share an interface (a Shared Gateway) to the Internet. This task presumes:
- You configured an interface with a globally-routable IP address, which will be the shared gateway.
- You completed the prior task, Configure Virtual Systems. For the interface, you chose the external-facing interface with the globally-routable IP address.
- When configuring the virtual systems, in the Visible Virtual System field, you checked the boxes of all virtual systems that must communicate to be visible to each other.
- Configure a Shared
- Select DeviceShared Gateway, click Add and enter an ID.
- Enter a helpful Name, preferably including the ID of the gateway.
- In the DNS Proxy field, select a DNS proxy object if you want to apply DNS proxy rules to the interface.
- Add an Interface that connects to the outside world.
- Click OK.
- Configure the zone for the shared gateway.When adding objects such as zones or interfaces to a shared gateway, the shared gateway itself will be listed as an available vsys in the VSYS drop-down menu.
- Select NetworkZones and Add a new zone by Name.
- For Location, select the shared gateway for which you are creating a zone.
- For Type, select Layer3.
- (Optional) Select a Zone Protection Profile (or configure one later) that provides flood, reconnaissance, or packet-based attack protection.
- (Optional) In Log Setting, select a log forwarding profile for forwarding zone protection logs to an external system.
- (Optional) Select Enable User Identification to enable User-ID for the shared gateway.
- Click OK.
- Commit your changes.Click Commit.
Device > Shared Gateways
Device > Shared Gateways Shared gateways allow multiple virtual systems to share a single interface for external communication (typically connected to a common upstream network ...
External Zones and Shared Gateway
External Zones and Shared Gateway A shared gateway is an interface that multiple virtual systems share in order to communicate over the Internet. Each virtual ...
Networking Considerations for a Shared Gateway
Networking Considerations for a Shared Gateway Keep the following in mind while you are configuring a shared gateway. The virtual systems in a shared gateway ...
Configure Virtual Systems
Configure Virtual Systems Creating a virtual system requires that you have the following: A superuser administrative role. An interface configured. A Virtual Systems license if ...
Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolut...
Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for Security Policies, Reporting, and Services within its Virtual System In this use ...
CLI Jump Start
CLI Jump Start The following table provides quick start information for configuring the features of Palo Alto Networks devices from the CLI. Where applicable for ...
Building Blocks of Zone Protection Profiles
Building Blocks of Zone Protection Profiles To create a Zone Protection profile, Add a profile and name it. Zone Protection Profile Settings Configured In Description ...
DNS Proxy Settings
DNS Proxy Settings Click Add and configure the firewall to act as a DNS proxy. You can configure a maximum of 256 DNS proxies on ...
Shared Gateway This topic includes the following information about shared gateways: External Zones and Shared Gateway Networking Considerations for a Shared Gateway ...