- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-15-2024 05:17 AM
Is it possible to extend the layer 2 network over the layer 3 network to the other site using Palo Alto
Basically I am trying to extend the VLAN to other site. Not sure if this can be achieved with Palo Alto. Any suggestion are welcome
04-15-2024 08:21 AM
just put the interfaces into layer2 mode and add them to a vlan (not a vlan interface, that's like a VRF)
add subinterfaces for each vlan tag you want to stretch if you're attaching trunk interfaces
below is a very basic example, in case you're not using trunk interfaces:
I have a small internet facing switch, and 2 internal switches. it's all a 'single vlan' so i'm not using tagged subinterfaces
04-15-2024 09:49 AM
Just because you can doesn't mean you should. Why do you want to extend L2 across sites?
04-15-2024 11:48 PM
Thank you for your response Reaper,
you are using the vlan on the same site but i want to extend this layer 2 vlan to the far end site using layer 3 network. Which seems to be difficult using Palo Alto
04-15-2024 11:49 PM
That is the exceptional requirement for the user, hence wanted to check if it is feasible on Palo Alto
04-16-2024 12:24 AM
ah you want to stretch L2 across sites over a VPN connection. This is not a function offered by Palo Alto (or any firewall AFAIK), this would be something that is handled by network equipment or a Telco/ISP/WAN operator
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!