If You Need an OVA...

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

If You Need an OVA...

L1 Bithead

I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):

https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c

 

Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP.

Then return to the Dashboad and Start the Agent.

 

[UPDATE 6.4.2019]

Updated the OS and Expedition to 1.1.23. 

There were a few new setting available with the upgrade, so a new directory /data was created and chowned to www-data.

There were resource alerts, so updated the /home/userSpace/environmentParameters.php file, so updated TotalCPUs to 2 and SparkRAM to 1592m. Moved image to S3. Note, image size has grown from allocated disk usage. I'll work on squeezing it down for the next release.

 

[UPDATE 2.22.2019]

I created a new OVA that is now at 1.1.6. All Ubuntu updates have been applied as well.

Permissions for the /datastore and /PALogs should work for all cases now.

VM Image was set to Version 10, so should work for VMware 5.5.

Made a change to /etc/default/grub and /etc/network/interfaces to always use eth0 instead of ensXXX.

Updated /home/expedition/update-expedition.sh to make upgrades easier.

SHA256 dad89cc3e2c031e70f548dab3bc96b84e0b2216593608dc09151159115463c65

 

[UPDATE 10.16.2018]

Updated Expedition to 1.0.106 and added all OS updates as well. 

 

[UPDATE 9.18.2018]

It's been upgraded to 1.0.104, but you'll likely need to update it once installed. So just:

sudo apt-get update

sudo apt-get install expedition-beta

 

...or just use the update-expedition.sh script I created in the home directory.

 

I also fixed a couple of other issues:

Fixed the /PALogs directory permissions and updated the Parquet Path in the Machine Learning section. This fixes the "Parquet Path" error on the Dashboard.

Changed the "mysqli.reconnect" value in /etc/php/7.0/cli/php.ini to "On" to fix the mysqli.reconnect error on the Dashboard.

 

 

45 REPLIES 45

L2 Linker

Let me just say that your timing is impeccable. I have been fighting to get the VM converted for esxi all day, trying to track down a Windows box I can use that has the right network access, enough disk space, admin rights, on and on. Roadblock after roadblock. Thank you.

L2 Linker

Thank you for this .. 

L1 Bithead

I needed a version that could run on ESX 5.5, based on this KB: https://kb.vmware.com/s/article/1003746 , I needed HwVersion 10.

 

so I took Tobias' OVA and downgraded the Virtual Hardware Version to 10, while I was at it I updated Expedition to 1.0.104 and BPA to 3.2.0. This OVA should work with later version of ESX as well.

 

https://paloaltonetworks.box.com/s/mb3z1v50sw1c914z0q05gqm7y80b8w2x

 

Please test and let me know if any issues. I tested it on ESX 5.5 Update 3b build 3248547 (2015-12-08).

 

Expedition boots up with DHCP Client, so to get your currently assigned IP, log into the Console with Username: expedition Password: paloalto and use ifconfig to see your current IP.

 

then browse to https://<current IP> , and log in with Username: admin Password: paloalto

 

You should update it periodically. So just:

sudo apt-get update

sudo apt-get install expedition-beta

 

L1 Bithead

Dont forget to change the IP address in the Machine learning server address settings due to it being OP's IP of his ML Server.

I also had to do this from another thread:

/etc/mysql/my.cnf file:

 

bind-address = 127.0.0.1

 

That line should be commented out instead, like this:

 

#bind-address = 127.0.0.1

I like using sudo nano to do this:

 

sudo nano /etc/mysql/my.cnf file:

 

--Press Cntrl+W to find "bind-address"

 

bind-address = 127.0.0.1

 

 

--Uncomment it as such:

 

#bind-address = 127.0.0.1

 

Cntrl +O to save it

Cntrl +X   to exit, DONE!

 

L0 Member

Thank you.

L0 Member

Thank you so very much!!!  I've spent 2 weeks trying to get the non-OVA to work.  You are a lifesaver!

I had no ens33 interface so had to use "ip link" to realise it was ens34 because the VMX file had it as slot 34. Weird.

L0 Member

I have installed this ova on my vmworkstation 12.5 (windows) and get the below network error during boot. No network connectivity. Tried both vmxnet3 & e1000 with same results. Any idea's?

Capture.PNG

 

 

I've seen this in the past, it's the virtural nic name IIRC. There are a couple of ways to fix it, change all the names to the new nic name (ens160 or ens192, etc). I've added some kernel boot options in the past, too. 
Have a look at this:
https://askubuntu.com/questions/824376/failed-to-start-raise-network-interfaces-after-upgrading-to-1...

 

Hope this helps!

L0 Member

This is aweomse, thanks! Any chance you could post the file-hash each time it's updated? Best assupmtion is that I just had a corrupt download but it would be nice to cross reference with the hash (downloaded twice today because the first one wasn't deploying in vmware due to a mismatch)

The hash is already part of the OVA. and Ova is a tar of .ovf, .vmdk, and .mf. the .mf is a plain text file that contain the hashes of the .ovf and .vmdk files, so it is internally validated. hence, the OVA is so much better than an OVF that requires manual hash validation. VMWare will warn you if you launch a corrupt OVA, but will not warn you if you try to launch a corrupt OVF/VMDK .

 

L2 Linker

Thanks for this.  The one from the link that you provided is for vsphere 6.5 and we need 6.0 to work in our environment - are there any tricks for conversion?

  • 59689 Views
  • 45 replies
  • 22 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!