VM-Series Firewall Does Not Respond on Subinterfaces

25679

Created On 09/26/18 19:10 PM - Last Modified 10/27/21 12:30 PM

VM-Series

Symptom

The Palo Alto Networks VM-Series firewall does not respond on subinterfaces.

Cause

Normally, hypervisor strips off the VLAN tag and forwards untagged frames to the interface because "Port Group" is not configured with tags. But the firewall expects tagged packets on sub-interfaces, hence the firewall will drop all the packets.

Resolution

Make sure on the VMware side port group is configured with VLAN tag, so firewall gets packet with tags on the sub-interfaces.

Kindly refer following vmware document for additional detail.

https://kb.vmware.com/s/article/1004252

owner: hshah

VM-Series Firewall Does Not Respond on Subinterfaces

Symptom

Cause

Resolution

Make sure on the VMware side port group is configured with VLAN tag, so firewall gets packet with tags on the sub-interfaces. Kindly refer following vmware document for additional detail.https://kb.vmware.com/s/article/1004252

Other users also viewed:

Make sure on the VMware side port group is configured with VLAN tag, so firewall gets packet with tags on the sub-interfaces.

Kindly refer following vmware document for additional detail.

https://kb.vmware.com/s/article/1004252