- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-03-2019 12:40 AM
Hi Team,
We have requirement to build a permiter gateway firewall under Hyper-V using PA-VM-300.
In practical world this is realy possible to do so, force all traffic (in/out) pass through using Hyper-PA-VM. If it is there help with the documentation and suggestion like pre-requistes.
Please help.
Thanks ,
animesh
07-03-2019 12:46 AM
07-03-2019 10:41 AM
Hello,
I agree that Layer3 should be the better option. Basically you have 3 interfaces on the VM-300, trust, untrust, and management. So on ESX you would mapp one interface/vswitch to the untrust, and same with the trust and managment (however the management interface can be on a vswitch with other internal networks).
Hope this helps.
07-03-2019 09:42 PM
Want to deploy in Layer 3 mode in Hyper-V. where in we can do the DNAT/SNAT easily, IPSec Tunnels creation all stuff that is possible through appliance.
Understading this is really possible in that way - spin up VM in Hyper-V and used Untrus and Trust Zone in layer 3 mode. ?
From User to Internet traffic flow would be like this -- Users --> Core Siwtch Layer 3 G/W --> Trust Interface of PA-VM (Hyper-V) --> Untrust Interface of PA-VM (Hyper-V) --> Core Switch Trunk Port --> ILL Router --> Internet.
Share some light here.....
Thanks
07-03-2019 11:25 PM
07-05-2019 09:59 AM
Hello,
If you are using the PAN interfaces in layer3, you shouldnt need a Layer3 interface on the switches. However the flow looks correct.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!