Configure a Security Zone (REST API)

Security zones are a logical way to group physical and virtual interfaces on the firewall to control and log the traffic that traverses specific interfaces on your network. You must assign an interface on the firewall to a security zone before that interface can process traffic. A zone can have multiple interfaces of the same type, but an interface can belong to only one zone. You can create zones directly on the firewall or as part of a network template on Panorama™.
The following example shows you how to use a Panorama REST API request to create a security zone with Ethernet interfaces and a virtual SD-WAN interface. See Configure an SD-WAN Interface (REST API) for an example of a REST API request to create a virtual SD-WAN interface and an example of a REST API request to configure an Ethernet interface.
curl -X POST 'https://<Panorama>/restapi/v9.1/network/zones?location=template&template=SDWAN-Branch-Network&name=Untrust' -H 'X-PAN-KEY: <api key>' -d '{ "entry": { "@name": "Untrust", "enable-user-identification": "no", "network": { "layer3": { "member": [ "ethernet1/1", "ethernet1/2", "sdwan.1" ] } } } }'

Recommended For You