I deployed NGFW 8.1 using Terraform (v0.11.36) in Azure. It provisions VM and all the resources like resource group, VNet, subnet, IP's etc., But the only problem is with the UnTrust(eth1/1) NIC as it complains 'Incomplete ARP even after configuring the Interfaces and the static routes in Virtual router page. I only get this problem when I do it using Terraform and not using the Azure's solution template or ARM templates.
Did anyone had the same issue? and can I know how was it resolved? thanks in advance.
This can be a large number of things, without additonal insight into how you have things configured saying exactly what it is isn't going to be possible. I personally would be reaching out to TAC so that someone can actually look at how a firewall you are deploying is actually configured. A few things to check though:
Thanks for responding, appreciate it.
My issue is the basic NGFW deployment using the 'PAYG' azure marketplace. This is only for evaluation/PoC.
I compared the templates of the NGFW for both the deployments using Terraform and the Azure solution template, it is similar but not sure why the untrust nic complains for ARP. I did contact the Palo Alto support but since they don't officially support the Terraform, it did not get solved.
I can share with you the Terraform file if you would like to look at it and give me some comments.
Im completely deployed via terraform. Azurerm for the virtual machine and panos for configuration.
I think it might help you out.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!