Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Predefined L2V Zones in NSM Overview

 

You can configure any predefined zone in a shared virtual router as shareable. In the NSM UI, the following predefined L2 zones appear with regular zone names:

  • v1-trust appears as trust

  • v1-untrust appears as untrust

  • v1-dmz appears as dmz

The exception is v1-null, which appears as v1-null; the regular null zone is unchanged, and appears as null. By default, the predefined VLAN zone is also sharable when using L2V. The VLAN zone contains all vsys management interfaces.

You can also create custom L2V zones in the root system or vsys, although you cannot configure a custom L2V zone as sharable. When you define a new L2 zone, NSM prepends the prefix “L2-” to the name during a device update. However, the L2 prefix does not appear in the NSM UI. For example, if you create an L2 zone named “music,” the UI displays the zone name as “music,” but the Web UI and CLI displays the zone name as “L2-music.”

Note

When configuring a custom L2V zone, the name must include only lowercase letters.