how's it going everybody in

this video we're going to take a look at

our next palo alto topic which is going
to be
virtual routers now for those of you
that come from
the ios router background you should be
if you're not already familiar with the
concept of virtual routing and
forwarding tables or vrfs
then not that big of a deal but
in palo alto same concept applies where
you have a virtual router
basically it allows you to take a palo
alto firewall and carve it up into
multiple
virtual routing tables so
asa does this with the concept of
multiple context mode
i don't i believe fortinet does this
with what they call vdoms but don't
quote me on that not an expert on
fortinet
but virtual routers basically allow you
to create different routing tables for
different customers
and from what i understand you're able
to route between them i have not tested
that out yet so don't quote me on those
details
but the idea is when you create
a there's a virtual router that exists
by default
called the default virtual router and
whenever you want to
um map an interface to or create an
interface and you want it to be in the
routing table
of the firewall it needs to be mapped to
a virtual router it doesn't
doesn't get that by default so because i
did some testing i didn't create one
all right i didn't map it and i did some
testing it wouldn't ping and i'm like
what the heck is going on
i use a little bit of digging i'm like
oh i didn't map the vr to it
mapped the vrf boom it started to work
so
that's basically how that process comes
into play you can create your own
virtual router if you want or you can
use the default it's up to you and how
you want to do that
i use the default because well because i
can now if you
don't want to use it you don't have to
you can create your own and then roll
that it's up to you how you want to do
that
but that's pretty much that there's
multiple routing options available to it
as well if you want to dive into those
details you can
but basically it's just a default it's
just another routing table
so if you use the default routing table
or default via virtual router i should
say on
a pa firewall it's no different than the
default vrf in a cisco router or the
global writing table if you want to
create
routing table or vrf a then it's going
to
you know you just map interfaces to that
vrf and voila you're in good shape
so let's go ahead and go ahead and
actually map some interfaces to this
so i'm actually going to go ahead and
just do the e1 slash one interface
because we're
we're playing with it right now just to
show you what that looks like if you go
to network
and you go to virtual routers here you
can create your own
right so you can click on add create a
vr
name it whatever you'd like you know vr
one or whatever and then all of your
routing goes underneath that particular
virtual router
and then you have your static routes and
you have your redistribution profile
so for example if you have a default
route in the routing table and you want
to bring it
propagate that via ospf or rip or bgp
you can do that as well
those are options if you'd like to do
that we're going to be taking a look at
the dynamic writing protocols a little
bit down the road
but that's basically where we're where
we are
so let's go ahead and on the interfaces
tab
we're going to go to ethernet one slash
one
and on the this page right here
it says config
assign interface to virtual right now
virtual router is none
right so we can hit the drop down and go
to
default or you can come in here and
create a new virtual router if you want
to do that
and go from there so that's pretty much
that we're going to click on ok
and then you'll see that over here on
the right hand side that
we are now in the virtual router of
default
now if you want to go ahead and do any
routing underneath the virtual router
there's a couple different ways that you
can go do this like if i want to go in
here and create a static route
so i go click on here and i create a
static route
i click on add i create the static route
and variables that i want to have right
everything is good to go there well i
get all that stuff
done and then i go ahead and i
apply it and click on cancel here
if you want to know more about what's
there you know if you don't want to be
connected to the cli you can click on
more runtime stats
and it's actually going to show you what
the routing table looks like
nothing's going to show up right now
because none of the interfaces on the
device are configured
that's where we're going to take a look
in the next video that one's going to
take a little bit because we're taking
what we learned about
zones and in virtual routers and mapping
it in that video
so that's basically where that comes
into play so
in a nutshell that's basically virtual
routers and how they work
there's more to it than that but for
just a
in a basic introductory introductory
basics
that's what you need to know so with
that being said ladies and gentlemen
thanks for stopping by and we'll catch
you guys in the next video