Refer to the exhibit.
Which will be the egress interface if the traffic's ingress interface is ethernet1/7 sourcing from 192.168.111.3 and to the destination 10.46.41.113?
PCNSE Exam QuestionsBrowse all questions from this exam
PCNSE Exam - Question 45
Show AnswerHide Answer
Correct Answer: D
When dealing with a virtual-wire interface setup, traffic entering one interface is passed directly to the paired interface. In this case, according to the 'show virtual-wire all' command output, ethernet1/7 is paired with ethernet1/5. Therefore, if the traffic's ingress interface is ethernet1/7, the egress interface will be ethernet1/5, regardless of the routing table. This is the core behavior of a virtual-wire configuration. Hence, the correct egress interface is ethernet1/5.
Discussion
13 commentsNarendragpt
Mar 27, 2021D is correct . https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/networking/configure-interfaces/virtual-wire-interfaces.html
rolmok
Nov 15, 2021Correct Ans: D. Virtual Wire would not check the L3 routing information
confusionOption: D
Feb 22, 2022It's a vwyre: in 1/7, out 1/5 and vice versa.
rocioha
Mar 20, 2021Sorry I was wrong, because of the virtual wire is the 1/5
1Adrian1
Apr 2, 2022B is the correct answer, based on the fib output
secdaddy
Oct 4, 2022it's a virtual wire = no fib lookup
shetoshandasa
Mar 15, 2021Correct Answer
rocioha
Mar 20, 2021B is correct because of the destination and next hoop
Raikin
Apr 9, 2021No, because it is virtual wire interface, not layer 3 int.
vj77
Apr 27, 2021When an interface is configured as virtual wire, the routing table is not checked by the FW. If it enters one interface, it has to exit the other interface of the virtual wire, there is no exception.
sridot
Jun 1, 2023If it's "sourcing from 192.168.111.3" wouldn't that be a source of e6, thus not applying to the vwire?
sridot
Jun 2, 2023Apologies, I was misreading things and was worried that there may have been a misprint in the question. D is definitely correct.
sov4Option: D
Jul 29, 2023Question is on the exam. I got this question a few weeks ago... July 2023.
MarshpillowzOption: D
Jan 23, 2024D is correct here
bing2021Option: D
Jul 5, 2024follow vwire output
PaloGodOption: B
Jan 24, 2025I believe the correct answer is Ethernet1/3, and here’s why: While Virtual Wire (vWire) typically operates at Layer 2 and bridges traffic transparently (e.g., ethernet1/7 to ethernet1/5), the exhibit includes a routing table (show routing fib). This suggests the firewall is configured for Layer 3 routing in this scenario. 1. The routing table explicitly shows a default route (0.0.0.0/0) with a nexthop of 10.46.40.1 via ethernet1/3. 2. The mention of the source IP (192.168.111.3) further supports that routing decisions are being applied, which is not typical in a pure vWire setup. 3. This appears to be a hybrid configuration, where routing overrides the default vWire behavior for external traffic. The traffic ingressing on ethernet1/7 with a destination of 10.46.41.113 will egress via ethernet1/3, based on the routing table. This is consistent with Layer 3 routing logic.
NazmulHossainOption: D
Apr 14, 2025No Routing or Switching performed by virtual wire interfaces. New updated document: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-networking-admin/configure-interfaces/virtual-wire-interfaces