- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
05-15-2023 11:51 PM
Hi All,
Please help. I never configured Sub-Interface in PA. There is a new requirement to configure a sub-interface under already configured interface. So my doubt is how this Sub-interface if we already configured the physical interface with the IP address? What is the use of Sub-interface is it similar to the VLAN interfaces in Checkpoint and ASA? In what situations we use Sub-interfaces? What is the use of VLAN if sub interfaces act as VLAN interfaces?
Also can we configure 2 interfaces with the IP addresses in the same subnet? Like 1.1.1.1/29 on one interface and 1.1.1.2/29 on other interface and attach different VRs to both those interfaces?
Regards,
Sanjay S
05-16-2023 10:51 PM
Hi @Sanjay_Ramaiah ,
Think of sub-interfaces as a way to divide one physical network connection into multiple virtual connections. It's like having several mini-networks within a single network connection.
For example, let's say you have three VLANs: VLAN 10, VLAN 20, and VLAN 30. Instead of needing three separate physical ports on the firewall, you can create three sub-interfaces on a single physical port. Each sub-interface is associated with one VLAN.
By doing this, you can treat each sub-interface as if it were a separate network port. You can apply different security rules, policies, and routing configurations to each sub-interface. It helps in isolating traffic between different VLANs or subnets and controlling how they communicate with each other.
05-16-2023 10:51 PM
Hi @Sanjay_Ramaiah ,
Think of sub-interfaces as a way to divide one physical network connection into multiple virtual connections. It's like having several mini-networks within a single network connection.
For example, let's say you have three VLANs: VLAN 10, VLAN 20, and VLAN 30. Instead of needing three separate physical ports on the firewall, you can create three sub-interfaces on a single physical port. Each sub-interface is associated with one VLAN.
By doing this, you can treat each sub-interface as if it were a separate network port. You can apply different security rules, policies, and routing configurations to each sub-interface. It helps in isolating traffic between different VLANs or subnets and controlling how they communicate with each other.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!