Would I be able to setup my Wireless Router on a seperate VLAN so i know which devices connect to it? Or, would it need to have its own interface and zone?! Thanks!
Yes. You can connect the Wireless Router in bridge mode; then create a subinterface on the Palo Alto Networks Firewall. Suggestion here is to make the interfaces L3 and bundle within an AE and create a subinterface for "WiFi" and add DHCP to the interface to hand IPs out to your WiFi clients.
Hi Ed just a beginner question. In your initial diagram would Private_Vlan and DMZ_Vlan each have a switch which devices would connect to and then the switch would connect to PA interfaces mentioned?
Yes, that would be case. The hosts (servers, endpoints, etc) would connect to a switch. Each of those switch interfaces would be configured as an access port with the VLAN (switchport mode access, switchport access vlan x). From the switch(es), they would have interfaces connecting to the Palo Alto Networks Firewall and configured as trunk interfaces. Endpoint Switch Firewall
Can you trunk multiple switches to the palo for the same VLANs on dedicated ports on the palo or do you have to have one switch act as a core? example: switch 1 on palo interface 1/4, switch 2 on 1/5, and switch 3 on 1/6? all with the same VLANs.
What happened to the Private VLAN after you created the Guest zone?
Would I be able to setup my Wireless Router on a seperate VLAN so i know which devices connect to it? Or, would it need to have its own interface and zone?! Thanks!
Yes. You can connect the Wireless Router in bridge mode; then create a subinterface on the Palo Alto Networks Firewall. Suggestion here is to make the interfaces L3 and bundle within an AE and create a subinterface for "WiFi" and add DHCP to the interface to hand IPs out to your WiFi clients.
Hi Ed just a beginner question. In your initial diagram would Private_Vlan and DMZ_Vlan each have a switch which devices would connect to and then the switch would connect to PA interfaces mentioned?
Yes, that would be case. The hosts (servers, endpoints, etc) would connect to a switch. Each of those switch interfaces would be configured as an access port with the VLAN (switchport mode access, switchport access vlan x). From the switch(es), they would have interfaces connecting to the Palo Alto Networks Firewall and configured as trunk interfaces.
Endpoint Switch Firewall
Thanks. Good Explanation !!
Can you trunk multiple switches to the palo for the same VLANs on dedicated ports on the palo or do you have to have one switch act as a core?
example: switch 1 on palo interface 1/4, switch 2 on 1/5, and switch 3 on 1/6? all with the same VLANs.
great..thanks...