Beruflich Dokumente
Kultur Dokumente
2 Review the default policies, which allow all traffic to flow from the trust zone to the
untrust zone while inspecting for viruses, vulnerability, and spyware. In addition, the
default policies deny the flow of traffic from the untrust zone to the trust zone.
PA-200
Quick Start
7 Enter the new MGT interface information for accessing the enterprise management
network. Click OK. Click Commit.
8 Disconnect your computer from the PA-200 device.
9 Connect the MGT port on the device to the enterprise management network.
VERIFYING THE MANAGEMENT CONFIGURATION
10 Connect your computer to the enterprise management network.
11 Open a browser window and type https://<MGT_port_IP_Address>.
Have an RJ-45 Ethernet cable to connect your computer to the management port on
the PA-200 device.
Set your computers IP address to 192.168.1.2 and the subnet mask to 255.255.255.0.
NOTE: This card assumes the device has been properly rack-mounted and powered up as
described in the PA-200 Hardware Reference Guide.
Where to Go Next
To learn about device administration, refer to the Palo Alto Networks Administrators
Guide.
1 Connect your computer to the management port (MGT) using an RJ-45 Ethernet cable.
2 Turn your computer on.
To learn about the CLI, refer to the PAN-OS Command Line Interface Reference
4
Type
admin in both the Name and Password fields.
5
Click
Login.
Guide.
6
Click
Device > Administrators > admin.
www.paloaltonetworks.com
10
Click
OK.
OPTION A: Virtual Wire deployment Choose this option to transparently place the
PA-200 device between two ports where no routing, switching, or NAT is required.
OPTION
Obtain two IP addresses for ports 1 and 2 on the PA-200 device from your network
administrator.
OPTION B: Layer 2 deployment Choose this option to deploy the PA-200 device in
a Layer 2 environment where switching is required.
OPTION C: Layer 3 deployment Choose this option to deploy the PA-200 device in
a Layer 3 environment where routing and NAT are required.
C LAYER 3 DEPLOYMENT
3
Click
ethernet1/1 and choose L3 from the drop-down menu.
Enter the IP address and subnet mask (for example, 10.1.1.1/24) for port 1 in the IP
Address and Subnet Mask field.
5
Click
Add and then click OK.
6
Click
ethernet1/2 and choose L3 from the drop-down menu.
Type the IP address and subnet mask (for example, 10.1.2.1/24) for port 2 in the
IP Address and Subnet Mask field.
8
Click
Add and then click OK.
OPTION
The default configuration of the PA-200 device is a virtual wire between ports 1 and
2, which enforces security policies. No configuration is required for this basic setting.
Proceed to Performing the Final Setup.
10
Choose
11
Check the check box for ethernet1/2 and then click OK.
12 Click untrust.
13
Choose
OPTION
B LAYER 2 DEPLOYMENT
14 Check the check box for ethernet1/1 and then click OK.
18 Enter network definition in the IP Address/Mask field and the gateway IP in the
Next Hop IP field to configure the static route, and click Add.
4 Click Network > Zones and then click trust. Choose Layer2 from the Type drop-down box.
Check the check box for ethernet1/2 and then click OK.
6
Click
untrust. Choose Layer2 from the Type drop-down box.
7 Check the check box for ethernet1/1 and then click OK.