This article is based on a discussion, Best guides for new Firewall Deployment, posted by @Nhussain. Read on to see the discussion and guidance from @OtakarKlier.
I am deploying a new firewall for a PoC; however, I am having some issues. I have deployed and activated the server on Azure, I am using VM-Series. On the Azure side, there being no restrictions, the server is not able to connect to the internet for updates.
I must be missing something basic in understanding/setup so any pointers would be great.
If you are looking for a place to start when configuring your new firewall, check out this post to get started: Secure Day-One Configuration Not for the Faint of Heart.
Solution:
Hello,
Sounds like a routing/policy issues with the original PAN you deployed. I wouldn't recommend having the management interface internet facing unless you lock it down to source IP's. However you can change the services, so they use a different interface to reaching out and grabbing updates, etc.
If you're adventurous — https://live.paloaltonetworks.com/t5/general-articles/secure-day-one-configuration-not-for-the-faint... — it blocks almost everything so be careful.
