About TroyAbbott

I'll do my best to put this question into words. My company owns a /24 Public IP range. I have an engineering department that needs a /29 IP space off of that block for their Lab Environment.  I have a Juniper MX104 Router and a Palo 5220 Firewall. I'm not sure what my best steps are to get this circuit passed through the Firewall straight to the Lab environment (and Palo support is extremely slow at the moment). 1. On the Juniper Router I have a Logical Interface created irb.312 which is using the first available IP in the /29 range. 2. On the Juniper Router I have a Physical interface created to be a bridge interface using vlan-id 312 3. The Lab has an SRX that is setup to use the second available IP in the /29 range. What are my best steps on the Palo? I was hoping a Virtual Wire would work, but the interface goes straight to down when I configure it as a Virtual Wire interface. I am hoping I don't need to create a Layer 3 interface on the Palo as I don't want to use anymore of the IPs available in the /29 (since the Edge Router and the Lab SRX are both using an IP in that /29 range already). In terms of "topology", we do want the traffic to pass through our Palo since that is what our Network Team manages. The Lab Firewall is not managed by us, so we don't want to bypass our own Firewall. If that makes sense? Any input would be appreciated! Thank you. ... View more