Configure a Shared Gateway
Perform this task if you need multiple virtual systems to share an interface (a Shared Gateway) to the Internet. This task presumes:
- You configured an interface with a globally-routable IP address, which will be the shared gateway.
- When configuring the virtual systems, in theVisible Virtual Systemfield, you checked the boxes of all virtual systems that must communicate to be visible to each other.
- Configure a Shared Gateway.
- Select, clickDeviceShared GatewayAddand enter anID.
- Enter a helpfulName, preferably including theIDof the gateway.
- In theDNS Proxyfield, select a DNS proxy object if you want to apply DNS proxy rules to the interface.
- AddanInterfacethat connects to the outside world.
- Configure the zone for the shared gateway.When adding objects such as zones or interfaces to a shared gateway, the shared gateway itself will be listed as an available vsys in theVSYSmenu.
- SelectandNetworkZonesAdda new zone byName.
- ForLocation, select the shared gateway for which you are creating a zone.
- ForType, selectLayer3.
- (Optional) Select aZone Protection Profile(or configure one later) that provides flood, reconnaissance, or packet-based attack protection.
- (Optional) InLog Setting, select a log forwarding profile for forwarding zone protection logs to an external system.
- (Optional) SelectEnable User Identificationto enable User-ID for the shared gateway.
- Commit your changes.ClickCommit.
Device > Shared Gateways
Device > Shared Gateways Shared gateways allow multiple virtual systems to share a single interface for external communication (typically connected to a common upstream network ...
External Zones and Shared Gateway
External Zones and Shared Gateway A shared gateway is an interface that multiple virtual systems share in order to communicate over the Internet. Each virtual ...
Networking Considerations for a Shared Gateway
Networking Considerations for a Shared Gateway Keep the following in mind while you are configuring a shared gateway. The virtual systems in a shared gateway ...
Configure Virtual Systems
Configure Virtual Systems Creating a virtual system requires that you have the following: A superuser administrative role. An interface configured. A Virtual Systems license if ...
Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolut...
Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for Security Policies, Reporting, and Services within its Virtual System In this use ...
Building Blocks of Zone Protection Profiles
Building Blocks of Zone Protection Profiles To create a Zone Protection profile, Add a profile and name it. Zone Protection Profile Settings Configured In Description ...
CLI Jump Start
Use this quick reference to see the most common commands you will need to being managing your next-gen firewall using the command-line interface (CLI). ...
DNS Proxy Settings
DNS Proxy Settings Click Add and configure the firewall to act as a DNS proxy. You can configure a maximum of 256 DNS proxies on ...
Device > Virtual Systems
Device > Virtual Systems A virtual system (vsys) is an independent (virtual) firewall instance that you can separately manage within a physical firewall. Each vsys ...