topic Palo Alto VM Series Routing Problem in AWS in VM-Series in the Public Cloud https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/palo-alto-vm-series-routing-problem-in-aws/m-p/1001216#M2317 <P>I am working on a greenfield proof of concept and I am running into some challenges. I am trying to get VPC A in Account A to route internet traffic through VPC B in Account B using VPC peering. The Palo Alto VM Series resides in VPC B. Is this configuration possible, or am I forced to use a Transit Gateway or IPSEC VPN?</P> <P><BR />Account A / VPC A CIDR&nbsp;<SPAN>10.0.1.32/27</SPAN></P> <P>Account B / VPC B CIDR&nbsp;<SPAN>10.0.0.0/24</SPAN></P> <DIV class="awsui_child_18582_j01vr_149">&nbsp;</DIV> <P>Peering connection is active<BR />Source / Destination check disabled on all interfaces.</P> <P>&nbsp;</P> <P>Account A / VPC A Peering:<BR />0.0.0.0/0 =&gt; &lt;peering connection&gt;<BR /><SPAN>10.0.1.32/27 =&gt; local<BR /><BR /></SPAN>Account B / VPC B Route Table (Main Route Table associated with the subnet for the Trust interface):<BR />0.0.0.0/0 =&gt; &lt;untrust interface&gt;<BR /><SPAN>10.0.1.32/27 =&gt; &lt;peering connection&gt;<BR /><BR /></SPAN>Account B / VPC B Route Table (Untrust Interface)</P> <P>0.0.0.0/0 =&gt; &lt;internet gateway&gt;</P> <P><SPAN>10.0.1.32/27 =&gt; &lt;peering connection&gt;</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 08 Jan 2025 23:19:05 GMT CLombardi 2025-01-08T23:19:05Z Palo Alto VM Series Routing Problem in AWS https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/palo-alto-vm-series-routing-problem-in-aws/m-p/1001216#M2317 <P>I am working on a greenfield proof of concept and I am running into some challenges. I am trying to get VPC A in Account A to route internet traffic through VPC B in Account B using VPC peering. The Palo Alto VM Series resides in VPC B. Is this configuration possible, or am I forced to use a Transit Gateway or IPSEC VPN?</P> <P><BR />Account A / VPC A CIDR&nbsp;<SPAN>10.0.1.32/27</SPAN></P> <P>Account B / VPC B CIDR&nbsp;<SPAN>10.0.0.0/24</SPAN></P> <DIV class="awsui_child_18582_j01vr_149">&nbsp;</DIV> <P>Peering connection is active<BR />Source / Destination check disabled on all interfaces.</P> <P>&nbsp;</P> <P>Account A / VPC A Peering:<BR />0.0.0.0/0 =&gt; &lt;peering connection&gt;<BR /><SPAN>10.0.1.32/27 =&gt; local<BR /><BR /></SPAN>Account B / VPC B Route Table (Main Route Table associated with the subnet for the Trust interface):<BR />0.0.0.0/0 =&gt; &lt;untrust interface&gt;<BR /><SPAN>10.0.1.32/27 =&gt; &lt;peering connection&gt;<BR /><BR /></SPAN>Account B / VPC B Route Table (Untrust Interface)</P> <P>0.0.0.0/0 =&gt; &lt;internet gateway&gt;</P> <P><SPAN>10.0.1.32/27 =&gt; &lt;peering connection&gt;</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 08 Jan 2025 23:19:05 GMT https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/palo-alto-vm-series-routing-problem-in-aws/m-p/1001216#M2317 CLombardi 2025-01-08T23:19:05Z Re: Palo Alto VM Series Routing Problem in AWS https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/palo-alto-vm-series-routing-problem-in-aws/m-p/1205502#M2324 <P>Curious have you considered using AWS Privatelink?</P> Mon, 27 Jan 2025 17:02:22 GMT https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/palo-alto-vm-series-routing-problem-in-aws/m-p/1205502#M2324 Murph 2025-01-27T17:02:22Z