We have requirement to build a permiter gateway firewall under Hyper-V using PA-VM-300.
In practical world this is realy possible to do so, force all traffic (in/out) pass through using Hyper-PA-VM. If it is there help with the documentation and suggestion like pre-requistes.
I agree that Layer3 should be the better option. Basically you have 3 interfaces on the VM-300, trust, untrust, and management. So on ESX you would mapp one interface/vswitch to the untrust, and same with the trust and managment (however the management interface can be on a vswitch with other internal networks).
Hope this helps.
Want to deploy in Layer 3 mode in Hyper-V. where in we can do the DNAT/SNAT easily, IPSec Tunnels creation all stuff that is possible through appliance.
Understading this is really possible in that way - spin up VM in Hyper-V and used Untrus and Trust Zone in layer 3 mode. ?
From User to Internet traffic flow would be like this -- Users --> Core Siwtch Layer 3 G/W --> Trust Interface of PA-VM (Hyper-V) --> Untrust Interface of PA-VM (Hyper-V) --> Core Switch Trunk Port --> ILL Router --> Internet.
Share some light here.....
If you are using the PAN interfaces in layer3, you shouldnt need a Layer3 interface on the switches. However the flow looks correct.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!