9.1.14-h4 and subnet shared between multiple vSYS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

9.1.14-h4 and subnet shared between multiple vSYS

L2 Linker

Hello All,

 

We are checking a corner case design where we have PA-3220 firewall with 9.1.14-h4 software version. It has 2 vSYS enabled already and we have simple setup: ISP_Router ---- L2 Switch ---- Firewall. The question I have: is it possible to use same subnet/same VLAN ID for subinterfaces between 2 vSYS?

 

For example we have a port-channel assigned to vSYS1, where we have subinterfaces like ae1.101, ae1.102 and ae1.103.

 

We want to create another subinterface for example on port Ethernet1/15, which will look like Ethernet1/15.101, which will be assigned to vSYS2. Also we want Ethernet1/15.101 to have same subnet as ae1.101, but of course with different IP address. For example 1.1.1.1/24 for ae1.101 and 1.1.1.2/24 for Ethernet1/15.101.

 

It looks like in 10.1.x such configuration will be at least accepted by firewall. As we have no lab 9.1.14 to try it, can you tell me if such setup supposed to be working on 9.1.14?

 

Thanks!

1 REPLY 1

Cyber Elite
Cyber Elite

@Andreikin,

From what you've described there's no reason that this wouldn't work on 9.1. You aren't sharing anything in this case, it's logically a different system and the fact that there's an overlap doesn't matter as long as you aren't trying to do anything with inter-vsys routing that you'd have to take into account. 

  • 1305 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!