02-09-2014 12:50 PM
I'm trying to put together a plan of action to get globalprotect to work for us. I have a work ticket open with PA. Our PA firewall is currently deployed in a VWire setup, on the lan side of our router. Here are my big questions for getting this accomplished.
1) If I switch the vwire to layer 3 can I migrate the security profile name so I don't have to re-write every security policy?
2) Can the establishment of a virtual router on the layer 3 interface disrupt existing routes established by our physical router? This may be a silly question here. I'm just wondering if establishing a virtual router behind our physical one would disrupt or block any existing traffic routes, or if it would only momentarily establish new routes with RIP or the like.
