09-26-2025 06:23 PM - edited 09-27-2025 04:02 PM
Good morning,
New to PA but have configured Fortinet, Meraki, Unifi firewalls so not a complete novice.
I have a PA410 trying to setup on my home lab for testing prior to deployment. Connection path to Internet as follows:
PA410 ----- L2 GBe Switch ----- Unifi Dream Machine (DHCP) ----- Fibre Internet
After powering on, I set it to boot in standard mode then configure an "Internet" zone as Layer 3 and interface ethernet1/1 as Layer 3 on the Internet zone using DHCP.
After doing that plug my ethernet cable in and the LED comes on for about 20 seconds then goes out - never to be seen again. Interface status is configured but down. Same deal on ethernet1/2.
When I connect same cable to ethernet1/3 the LED stays on and the Interface goes green. Status is "not configured but up". Set as DHCP but no IP information is received (LED stays on).
I feel a bit stupid here as I'm sure it's something straightforward that I haven't been able to find in my searches. If anyone has any ideas, they'd be appreciated.
Thanks in advance.
09-29-2025 03:53 PM
Hi,
So I managed to resolve my own issue. For some reason the default "virtual-wire" configuration was causing this. Even though I changed 1/1 and 1/2 setting to remove the virtual-wire membership it wouldn't allow me to commit the changes. Once deleted the interface changes were saved and the interface lit up, got an IP and we're now Hollywood.
Would appreciate if PA could explain why this default configuration caused such as hassle out of the box?
09-29-2025 03:53 PM
Hi,
So I managed to resolve my own issue. For some reason the default "virtual-wire" configuration was causing this. Even though I changed 1/1 and 1/2 setting to remove the virtual-wire membership it wouldn't allow me to commit the changes. Once deleted the interface changes were saved and the interface lit up, got an IP and we're now Hollywood.
Would appreciate if PA could explain why this default configuration caused such as hassle out of the box?
09-30-2025 01:16 AM
That's been in there since forever, sorry you had to figure that out for yourself
I think the intent behind this default config is to provide the ability to quickstart. Plug eth1/1 into the internet, eth1/2 into the LAN and you're up and running. you can then add or change the config as you go with the device already inline
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
