A customer wants to set up a VLAN interface for a Layer 2 Ethernet port.
Which two mandatory options are used to configure a VLAN interface? (Choose two.)
A customer wants to set up a VLAN interface for a Layer 2 Ethernet port.
Which two mandatory options are used to configure a VLAN interface? (Choose two.)
To configure a VLAN interface for a Layer 2 Ethernet port, the two mandatory options are 'Virtual router' and 'Security zone.' The virtual router is necessary to handle the routing of traffic entering and leaving the VLAN. The security zone assigns the VLAN interface to a specific zone, which is used to manage and control traffic based on security policies. Options such as ARP entries and Netflow Profile are not mandatory for the basic configuration of a VLAN interface.
Correct A, B Configure Netflow profile is not mandatory https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRqCAK
Strange the answer is listed as C,D
https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-web-interface-help/network/network-interfaces-vlan
none of those are mandatory but the first two are the most plausible answers as those need to be configured for the interface to work
A, B https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRqCAK
A and B
I feel like this is one of those trick questions....You can create an interface that is marked as layer 2 type and it does not need an IP address. Just because it says vlan interface doesnt mean its layer 3 routable. When walking through my palo none of these items are "required" when I create a physical interface and mark as a layer 2 vlan.
To configure a VLAN interface for a Layer 2 Ethernet port, the two mandatory options you need to set are: A. Virtual router - This specifies which virtual router the VLAN interface is associated with. The virtual router handles the routing of traffic entering and leaving the VLAN. B. Security zone - This option assigns the VLAN interface to a specific security zone. Security zones are used to control and manage traffic based on the security policies defined within the firewall. Options C (ARP entries) and D (Netflow Profile) are not mandatory for configuring a VLAN interface. ARP entries are automatically managed by the device as needed, and a Netflow Profile is related to traffic monitoring, not a basic configuration requirement for setting up a VLAN interface.
This plus an IP address was all I used to configure my VLANs.
You do not need an IP address for a "layer 2" vlan.
Correct B and C Layer 2, no mandatory virtual router(Layer 3) and not netflow profile https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRqCAK
But you don't need ARP entries either.....
Correct answer is A and B. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-networking-admin/configure-interfaces/layer-2-interfaces/configure-a-layer-2-interface-subinterface-and-vlan
You link never mentions the need for a virtual router....
Correct A,B
I select these option due to the fact that layer 2 interface configuration in Palo, as we select layer 2 in interface it never ask for Virtual router.
The question refers to a vlan interface which is essentially used to provide L3 connectivity for a vlan. In order to configure vlan interface, you have to provide security zone and virtual router within the configuration.
Answer is A,B
Virtual Router and Security Zone
Correct A, B
A and B