HomeSkillet Internet Gateway

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
L4 Transporter
No ratings

Brief Description

HomeSkillet is a starter internet gateway configuration that builds on a modified version of IronSkillet for use in home networks. It includes interface, zone, NAT, and security policy configuration.

 

homeSkilletNetwork.png

 

Target Audience

Users who want to fast track a basic NGFW Internet gateway setup and configuration in L3, hybrid L2/L3, or vwire mode.

 

Quickplay Details

Documentation: https://homeskillet.readthedocs.io/en/latest/

Github Location: https://github.com/PaloAltoNetworks/HomeSkillet.git

Github Branches: master

PAN-OS Supported: 10.0, 10.1, 10.2

Type of Skillet: Suite of workflow, panos, rest, validation, template, python, ansible playbook

Collections: HomeSkillet
Purpose: setup or demo skillet workflow to configure the NGFW

 

Detailed Description

Running the HomeSkillet skillet leads into a section menu including:

 

  • workflow elements to perform such as clean config, content updates, configuration stages, validations
  • network topology selection: L3 routing, Virtual Wire, or L2/L3 hybrid mode with switching/routing

 

Workflow Elements

  1. Load empty baseline configuration
  2. Perform content updates 
  3. Validation check (pre-ironskillet) [fail expected]
  4. IronSkillet-based configuration (commit required for online validation test)
  5. Validation check (post-ironskillet) [pass expected]
  6. Configure HomeSkillet network components (L3, hybrid L2/L3, vwire)
  7. Configure security policies

 

Also embedded in the workflow are 'get list' skillets to pull interface and zone information from the firewall to use as dropdown lists for interface and zone selection.

 

Topology Selection

HomeSkillet currently supports L3 routing, hybrid L2/L3 routing, and virtual wire (vwire) options.

 

L3 Routing

2x interfaces and 2x zones, one each internal and internet.

virtual routing configuration

NAT

DHCP local server

 

Virtual Wire

2x interfaces and 2x zones, one each internal and internet.

virtual wire between the 2 interfaces

 

Hybrid L2 Switching with L3 routing

2 zone configuration using an external ethernet port and internal vlan logical interface

N number of interfaces are added to the internal L2 switching zone based on user selection

NAT

DHCP local server shared across the internal ethernet interfaces

 

Optional Add-Ons

DHCP UserID [L3 mode only]

Sends local DHCP log events to the management interface and uses DHCP host information to create a User-ID entry.

Does not support static IP addressed hosts.

 

Prerequisites

The following should be completed before running HomeSkillet:

 

  • Firewall licenses activated including all threat, URL, and Wildfire subscriptions
  • Updated with the latest or recommended software release
  • If using Panhandler: updated to the latest release
  • DHCP-based public ethernet interface for L3 or L2/L3 mode


Additional details specific to each loading stage, variables, and release updates are found at https://homeskillet.readthedocs.io/en/latest/

Rate this article:
Comments
L0 Member

Documentation links are incorrect / broken.
Correct link is https://homeskillet.readthedocs.io/en/latest/ 

L4 Transporter

Thanks. we just updated to 10.0 and moved the skillet to master for 9.x and 10.x. Docs update also shifting from release specific.

  • 9887 Views
  • 2 comments
  • 0 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎04-19-2022 08:38 AM
Updated by: