Common Building Blocks for Firewall Interfaces
Table of Contents
9.1 (EoL)
Expand all | Collapse all
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > GTP Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Decryption > Forwarding Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Device Block List
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Scheduled Config Export
End-of-Life (EoL)
Common Building Blocks for Firewall Interfaces
Select NetworkInterfaces to display and configure
the components that are common to most interface types.
For a description of components that are unique or different when
you configure interfaces on a PA-7000 Series firewall, or when you
use Panorama™ to configure interfaces on any firewall, see Common
Building Blocks for PA-7000 Series Firewall Interfaces.
Firewall Interface Building Blocks | Description |
---|---|
Interface (Interface Name) | The interface name is predefined and you
cannot change it. However, you can append a numeric suffix for subinterfaces,
aggregate interfaces, VLAN interfaces, loopback interfaces, tunnel
interfaces, and SD-WAN interfaces. |
Interface Type | For Ethernet interfaces (NetworkInterfacesEthernet), you can select the
interface type:
|
Management Profile | Select a Management Profile (NetworkInterfaces<if-configAdvancedOther Info) that defines the
protocols (such as SSH, Telnet, and HTTP) you can use to manage
the firewall over this interface. |
Link State | For Ethernet interfaces, Link State indicates
whether the interface is currently accessible and can receive traffic
over the network:
Hover over the
link state to display a tool tip that indicates the link speed and
duplex settings for that interface. |
IP Address | (Optional) Configure the IPv4 or
IPv6 address of the Ethernet, VLAN, loopback, or tunnel interface.
For an IPv4 address, you can also select the addressing mode (Type)
for the interface: Static, DHCP Client,
or PPPoE. |
Virtual Router | Assign a virtual router to the interface
or click Virtual Router to define a new one
(see Network
> Virtual Routers). Select None to
remove the current virtual router assignment from the interface. |
Tag (Subinterface only) | Enter the VLAN tag (1-4,094) for the subinterface. |
VLAN | Select NetworkInterfacesVLAN and
modify an existing VLAN or Add a
new one (see Network
> VLANs). Select None to remove the
current VLAN assignment from the interface. To enable switching
between Layer 2 interfaces, or to enable routing through a VLAN
interface, you must configure a VLAN object. |
Virtual System | If the firewall supports multiple virtual
systems and that capability is enabled, select a virtual system
(vsys) for the interface or click Virtual System to
define a new vsys. |
Security Zone | Select a Security Zone (NetworkInterfaces<if-configConfig)
for the interface, or select Zone to define
a new one. Select None to remove the current
zone assignment from the interface. |
Features | For Ethernet interfaces, this column indicates
whether the following features are enabled: |
Comment | A description of the interface function
or purpose. |