Configure Inter-Virtual System Communication within the Firewall

Perform this task if you have a use case, perhaps within a single enterprise, where you want the virtual systems to be able to communicate with each other within the firewall. Such a scenario is described in Inter-VSYS Traffic That Remains Within the Firewall. This task presumes:
  • You completed the task, Configure Virtual Systems.
  • When configuring the virtual systems, in the
    Visible Virtual System
    field, you checked the boxes of all virtual systems that must communicate with each other to be visible to each other.
  1. Configure an external zone for each virtual system.
    1. Select
      Network
      Zones
      and
      Add
      a new zone by
      Name
      .
    2. For
      Location
      , select the virtual system for which you are creating an external zone.
    3. For
      Type
      , select
      External
      .
    4. For
      Virtual Systems
      , click
      Add
      and enter the virtual system that the external zone can reach.
    5. (
      Optional
      ) Select a
      Zone Protection Profile
      (or configure one later) that provides flood, reconnaissance, or packet-based attack protection.
    6. (
      Optional
      ) In
      Log Setting
      , select a log forwarding profile for forwarding zone protection logs to an external system.
    7. (
      Optional
      ) Select
      Enable User Identification
      to enable User-ID for the external zone.
    8. Click
      OK
      .
  2. Configure the Security policy rules to allow or deny traffic from the internal zones to the external zone of the virtual system, and vice versa.
  3. Commit your changes.
    Click
    Commit
    .

Related Documentation