L2 subinterface + L3 subinterface on the same interface

Reply
Highlighted
L0 Member

L2 subinterface + L3 subinterface on the same interface

Hello all,

Is it possible to create an L2 tagged sub-interface and an L3 tagged sub-interface on the same physical interface.

For example.

Ethernet 1/6

    Ethernet 1/6.100 --- L2 Interface.    Security Zone "IPS only".      /* this sub-interface will be used to Content-ID scan servers sitting on the same subnet as this interface but connected to another L2 interface on the same PaloAlto */

    Ethernet 1/6.100 --- L3 - IP 204.50.105.195  Security Zone Untrusted         /* this sub- interface that will deliver/NAT traffic in and out to a Trusted security zone on another L3 interface which is connected to the same PaloAlto /*

Is this possible?  Doesn't look like it to me, but maybe it is.

Please let me know if any additional information is needed.


Thanks,

Matt

L5 Sessionator

Re: L2 subinterface + L3 subinterface on the same interface

Hello Matt,

Yes.It is not possible to configure a L2 and a L3 sub-interface under one physical interface. Because, when you create that physical interface initially, we have to select 'interface type' option. So we select layer 3 as interface type, all the sub-interfaces under that physical interface should be layer 3 only

Hope that helps!

Regards,

Kunal Adak

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!