Folks, we have a switch to switch routing protocol running and the requirement is to put a palo alto in a vwire mode on such an environent. Please see the file attached with tis post. Now, the catch to this is the "switch-out" forms neighbours with "switch-01" and "switch-02" and packets going inside one link could come out of the other. I just wanted to ensure that this will not cause any packets drops as long as the zones are correctly configured. also, from a very high level what configuration would be needed? Convert each interface to a vwire? add the zones? add the policies? anything else? Thanks!!!
... View more