topic communication of vlan interfaces not working in Next-Generation Firewall Discussions https://live.paloaltonetworks.com/t5/next-generation-firewall/communication-of-vlan-interfaces-not-working/m-p/539554#M1170 <P>Hello,</P> <P>I have two firewalls connected over "L2 Line" from our ISP.</P> <P>We would like to use this line to route between our two sites instead of IPSec tunnel.<BR />On this line I can use vlans from 1-100 for communication.</P> <P>On both firewalls I created L2 interface with tagged sub-interface from this range.</P> <P>Then I created vlan interface with IP address and same tag as the L2 sub-interface.</P> <P>L2 sub-interface and vlan interface are in the same vlan.</P> <P>On both firewalls vlan interface has Management profile set for this IP address range and ping allowed.</P> <P>No policy is blocking this traffic on both firewalls(confirmed by Traffic monitor)</P> <P>When I tried ping with selecting source IP to be the vlan interface and host the opposite vlan interface on the second firewall, ping is not working.</P> <P>Can you point me if I am missing something in this config or what else to check? I would like to be sure that I did all I can before I will go to ISP with assumption that maybe the L2 line is not working as expected.</P> <P>Thank you for help</P> Thu, 20 Apr 2023 15:02:49 GMT AdamHP 2023-04-20T15:02:49Z communication of vlan interfaces not working https://live.paloaltonetworks.com/t5/next-generation-firewall/communication-of-vlan-interfaces-not-working/m-p/539554#M1170 <P>Hello,</P> <P>I have two firewalls connected over "L2 Line" from our ISP.</P> <P>We would like to use this line to route between our two sites instead of IPSec tunnel.<BR />On this line I can use vlans from 1-100 for communication.</P> <P>On both firewalls I created L2 interface with tagged sub-interface from this range.</P> <P>Then I created vlan interface with IP address and same tag as the L2 sub-interface.</P> <P>L2 sub-interface and vlan interface are in the same vlan.</P> <P>On both firewalls vlan interface has Management profile set for this IP address range and ping allowed.</P> <P>No policy is blocking this traffic on both firewalls(confirmed by Traffic monitor)</P> <P>When I tried ping with selecting source IP to be the vlan interface and host the opposite vlan interface on the second firewall, ping is not working.</P> <P>Can you point me if I am missing something in this config or what else to check? I would like to be sure that I did all I can before I will go to ISP with assumption that maybe the L2 line is not working as expected.</P> <P>Thank you for help</P> Thu, 20 Apr 2023 15:02:49 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/communication-of-vlan-interfaces-not-working/m-p/539554#M1170 AdamHP 2023-04-20T15:02:49Z