Overview
This document provides steps on how to configure Layer 3 untagged subinterfaces.
Steps
- Go to Network > Interfaces.
- Select a physical interface.
- Enable Untagged Subinterface.The untagged L3 subinterfaces are designed to work without ip-address on the physical device.
- Create Untagged subinterfaces and assign them a different virtual router and zone.The following screenshot shows three L3 subinterfaces configured eth1/6.10, eth1/6.11, and eth1/6.12:
- Subinterface Interface: Ethernet 1/6.10 is assigned a zone L3-Trust
- Subinterface Interface: Ethernet 1/6.11 is assigned a zone L3-DMZ
- Subinterface Interface: Ethernet 1/6.12 is assigned a zone L3-Trust
- Go to Policies > Security to view Security policies for communicating from L3-Trust to L3-DMZ.
- All outgoing traffic from each tenant is source NAT'ed to the subinterface IP address. Go to Policies > NAT to view the NAT policy for the host 10.10.10.10 behind the subinterface Ethernet 1/6.10 to communicate to host 11.11.11.11 behind subinterface Ethernet 1/6.11.
- Go to Policies > Security to view the Security policies applied for communicating from L3-DMZ to L3-Trust.
- Go to Policies > NAT to view the NAT policy for the host 11.11.11.11 behind the subinterface Ehternet 1/6.11 to communicate to host 10.10.10.10 behind subinterface Ethernet 1/6.10.
With the above configuration, the host 10.10.10.10 (behind subinterface Ethernet 1/6.10) can ping host 11.11.11.11 (behind Etherent 1/6.11) and the other way around.
1 comment:
Best Slot Machines in the World | by Casino Guru
List of the 마리나 베이 샌즈 카지노 쇼미 더벳 Best Slot Machines in the World · 1. Pragmatic Play · 2. Mega Moolah 코인카지노 · 3. 메리트 카지노 주소 Slotwolf · 바카라 사이트 4. Pragmatic Play · 5. 카지노
Post a Comment