06-17-2019 10:43 PM
Configuration changes in case we move from 4 internet lines to one single internet line ?
in Our Current scenario, We have 4 interfaces configured with 4 different Public IP address and each interface is linked to the different router( Internet),each interface has different services (Internet Email1, Email2, VPN)
We are planning to get one new internet line (Fiber line ) from a new ISP and remove the old 4 internet connection In current configuration we are using PBF for next hope and NAT
Kindly advise the changes to be done in the Palo Alto Firewall for the above scenario
06-18-2019 07:28 AM
Hello,
Setup the new ISP on its own interface with the same zone as the other interfaces (if they are different get them onto one), then change your virtual router routing for the default routes. Change the NAT and security policies if you are hosting exernally accessible services (you mentioned email). Also change NAT and securoty policies for exeternal browsing.
That is the super high level of hwat needs to be done.
Regards,
06-18-2019 10:52 PM
Thanks @OtakarKlier for your advise
Ithis case what proper way to configure the new public ip address (6 IP)
Should configure subinterface or added the IP to interface
Because i have multiple zones
06-19-2019 08:18 AM
Hello,
Someone can correct me if I am wrong, however a L3 interface with sub interfaces with the IP's and zone assignments. L3 interfaces are the Palo Alto preferred interface type.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
