10-21-2015 11:27 AM
I want set up two interfaces from PA as shown below. Traffic via Link will get to SW1 and on to S1, the same for the other link. The two are separated for security reasons.
The issue is that, say SW1 fails we will need to re-wire SW2 to allow continued operation (shown in dotted line). But the security rules on the PA will not allow this without amending them.
My question is, is it possible to trunk link 1 & 2 so that this will be allowed to happen without the need to amend rules on the PA but maintain the traffic segregation? If such thing exist on the PA , please point in that direction.
Note, this diagram is just a concept to show the issues, the actual setup is much more. The two switches are just bog standard Layer 3 stuff.
10-21-2015 12:46 PM
in your case, use Layer2 deployment (see PANOS admin guides about how to operate this mode)
10-21-2015 01:06 PM
Thank you.
Are you able to give a rough outline of the setup ?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
