Reference Guide
80 | firewall-external-enforcement Dell Networking W-Series Instant 6.4.0.2-4.1 | CLI Reference Guide
firewall-external-enforcement
firewall-external-enforcement pan
disable
enable
ip <address>
port <port>
user <name> <password>
no…
Description
This command configures external firewall details such as Palo Alto Networks(PAN) firewall to enable integration
with the W-IAP.
Syntax
Parameter Description Range Default
firewall-external-enforcement
pan
PAN firewall configuration sub-
mode.
— —
disable
Disables PAN firewall. — —
enable
Enables PANfirewall. — —
ip <address>
Configures PAN firewall IP
address on the W-IAP
— —
port <port>
Configures a port for the PAN
firewall
1—65535 443
user <name> <password>
Configures administrator user
credentials of PAN firewall on a
W-IAP.
— —
no…
Removes the specified
configuration parameter.
— —
Usage Guidelines
Use this command to enable external firewall integration with W-IAP. In Instant 6.3.1.1-4.0 release, W-IAPs can be
integrated with external firewall such as PAN firewall. The PAN firewall is based on user ID, which provides many
methods for connecting to sources of identity information and associating them with firewall policy rules. The
functionality provided by the PAN firewall based on user ID requires the collection of information from the network.
W-IAP maintains the network (such as mapping IP address) and user information for those clients in the network and
provides the required information for the user ID feature on PAN firewall.
To enable W-IAP integration with PAN firewall, a global profile configured on W-IAP with PAN firewall information
such as IP address, port, user name, password, firewall enabled or disabled status.
Example
The following example configures PAN firewall information on a W-IAP:
(Instant AP)(config)# firewall-external-enforcement pan
(Instant AP)(firewall-external-enforcement pan)# enable
(Instant AP)(firewall-external-enforcement pan)# ip 192.0.2.11
(Instant AP)(firewall-external-enforcement pan)# port 443