- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
10-02-2015 12:48 PM
I am wondering if you can create two virtual firewalls inside one physical PA-200 box?
If this is possible I would like two physical ports to be allocated to each virtual firewall. One virtual firewall and its set of ports will be for a production network and the other virtual firewall and ports will be used for a visitor network. I am trying to figure out a solution to avoid having to use two separate PA-200 boxes. I have one solution which is the visitor traffic flow over the same vpn interface as the production traffic, which I want to avoid.
10-10-2015 09:40 PM - edited 10-10-2015 09:42 PM
As commented before VSYS are not supported, but you can create 2 virtual routers and assign two ports to each one. The networks will be segregated between the virtual routers (unless you create inter-VR routes). The only downside is that the security policies will be in the same rulebase but you can create two tags: production and visitors and assign the corresponding one to each policy to help you with the management.
Regards,
Gerardo
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!