ROUTING INTER VSYS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

ROUTING INTER VSYS

L3 Networker

Hello ,

I need to route users between more than 2 VSYS. do you know if it's possible to route packet between more than 2 VSYS. PACKET IN-> VSYS1 -> VSYS2->VSYS3-> out. What is the limitation for the routing inter VSYS

thks for your help!

ALex

3 REPLIES 3

L7 Applicator

See the section on defining inter-vsys policies for the steps involved in the Virtual Systems documentation link below.

Virtual Systems (VSYS)

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

hello,

so I can read "

Inter-vsys traffic, also known as ‘shared-vsys’, allows the administrator to define systems where

flows can traverse two vsys’s without the need to leave the firewall when being routed between

the vsys’." I don't know if sgnificate that the flow can't traverse more than 2 VSYS?

did you implement shared gateway

A shared gateway allows you to create a common virtual interface for the virtual systems that correspond to a single physical interface.  This is helpful in environments where the ISP provides only a single IP address.  All of the virtual systems communicate with the outside world through the physical interface using a single IP address. For one or more shared VSYS to forward traffic to/from a shared gateway they have to be configured with the same virtual router (VR).  The interface must be a Layer3 interface and can include VLANs, aggregate ethernet, loopback and tunnel interfaces.

ou are limited to created shared gateway depend of the appliance

VSYS Shared Gateway Capacity Matrix

ref

How to Set Up Shared Gateway and Inter VSYS

regard's

  • 3484 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!