Given a scenario, identify steps to create and configure a virtual router.
Palo Alto Networks PCNSA Study Guide v10
Virtual Routers
PAN-OS has two types of virtual route engines. The first is the BGP route engine. It ONLY supports BGP and static routing. It can be found on the PA-7000, PA-5200, PA-3200 and the VM series firewalls.
The other is the legacy route engine that supports dynamic routing protocols, multicast routing and static routes. The protocols supported are:
- BGP v4
- OSPFv2
- OSPFv3
- RIPv2
- IMGPv1/v2/v3
- PIM-SM, PIM-ASM, PIM-SSM
Both engines can be configured on the same firewall, but only one may be active at a time. Switching from one to the other requires a commit and reboot of the firewall.
Static routes have a default metric of 10 that is configurable. Virtual routers may remove static routes based on path monitoring. Path monitoring is established using ICMP pings to a reliable host up stream. If the path is unavailable, the virtual router removes it until the host returns.
BGP Route Engine is enabled under Device>Setup>Management and then editing general settings. The box “Advanced Routing” must be checked, committed and then the firewall is rebooted. After the reboot a single Logical Router must be created with the appropriate settings.