Configure Inter-Virtual System Communication within the Firewall
Perform this task if you have a use case, perhaps within a single enterprise, where you want the virtual systems to be able to communicate with each other within the firewall. Such a scenario is described in Inter-VSYS Traffic That Remains Within the Firewall. This task presumes:
- You completed the task, Configure Virtual Systems.
- When configuring the virtual systems, in the Visible Virtual System field, you checked the boxes of all virtual systems that must communicate with each other to be visible to each other.
- Configure an external zone for each virtual system.
- Select NetworkZones and Add a new zone by Name.
- For Location, select the virtual system for which you are creating an external zone.
- For Type, select External.
- For Virtual Systems, click Add and enter the virtual system that the external zone can reach.
- (Optional) Select a Zone Protection Profile (or configure one later) that provides flood, reconnaissance, or packet-based attack protection.
- (Optional) In Log Setting, select a log forwarding profile for forwarding zone protection logs to an external system.
- (Optional) Select Enable User Identification to enable User-ID for the external zone.
- Click OK.
- Configure the Security policy rules to allow or deny traffic from the internal zones to the external zone of the virtual system, and vice versa.
- Commit your changes.Click Commit.
Inter-VSYS Traffic That Remains Within the Firewall
Inter-VSYS Traffic That Remains Within the Firewall Unlike the preceding multi-tenancy scenario, virtual systems on a firewall can be under the control of a single ...
External Zones and Security Policies For Traffic Within a F...
External Zones and Security Policies For Traffic Within a Firewall In the following example, an enterprise has two separate administrative groups: the departmentA and departmentB ...
Communication Between Virtual Systems
Communication Between Virtual Systems There are two typical scenarios where communication between virtual systems (inter-vsys traffic) is desirable. In a multi-tenancy environment, communication between virtual ...
Building Blocks of Security Zones
Building Blocks of Security Zones To define a security zone, click Add and specify the following information. Security Zone Settings Description Name Enter a zone ...
Configure a Shared Gateway
Configure a Shared Gateway Perform this task if you need multiple virtual systems to share an interface (a Shared Gateway ) to the Internet. This ...
External Zone The communication desired in the use case above is achieved by configuring security policies that point to or from an external zone. An ...
Virtual Systems This topic describes virtual systems, their benefits, typical use cases, and how to configure them. It also provides links to other topics where ...
Inter-VSYS Communication Uses Two Sessions
Inter-VSYS Communication Uses Two Sessions It is helpful to understand that communication between two virtual systems uses two sessions, unlike the one session used for ...
External Zones and Shared Gateway
External Zones and Shared Gateway A shared gateway is an interface that multiple virtual systems share in order to communicate over the Internet. Each virtual ...