Configuring Paloalto Firewall to Access Internet from LAN
This lab covers how to configure the Paloalto firewall (8.0.0). Thus, this VM will be configured to allow access through the firewall to the Internet for the network topology below. It will involve the following steps:
1 Create Zones
2 Create Interface Management Profile
3 Associate interfaces with Interface Management Profile
4 Create Virtual Router
5 Add Static Route
6 Create NAT Policy
7 Create Security Policy
1 Create Zones | Network > Zones > + Add (at bottom left)
2 Name: WAN and select Layer 3 form Type
2a Add interface eth1/2
3 Associate interfaces with Interface Management Profile
3a Network > Interface Management
3b Create Interface Management Profile to allow HTTPS, Ping, SSH, Response Pages for eth1/2
3c Network > Interface > Config
Add + Interface eth1/2, add IP address and select Advance > Other Info >
Management Profile > select profile created earlier
Commit (will save current changes) notice the physical interfaces are now up!
4 Create virtual router from side panel:
5 Add Static Route
6 Create NAT Policy: Policies > NAT > +Add Lan-to-Wan > Original Packet
on Interface eth1/1
7 Create Security Policy Rule: Policies > Security +Add
The IP address 138.18.71.96 is now reachable from the LAN through the firewall!
