Palo Alto lab in VMware Workstation

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Reply
Highlighted
L1 Bithead

Sorry guys, just mistyped. So, in my previous post I tried to ping www.google.com. Now I'm trying to ping 192.168.0.1 and I get reponse. But why I can't ping the rest of the world and why I can't ping my router without specifying source address? 

Highlighted
L7 Applicator

Your issue is that as you mentioned your management interface is host only.

>> Network adapter 1 - Vmnet2 (Host-only) for Managament interface

 

All requests that go out from Palo by default use management interface.

And as this interface is connected to host-only network DNS requests never get out.

 

You should either configure management interface into NAT network or even better under

Device > Setup > Services > Service Route Configuration

Choose option "customize" and change DNS requests to go out from external interface.

Enterprise Architect @ Cloud Carib www.cloudcarib.com
ACE, PCNSE, PCNSI

View solution in original post

Highlighted
L3 Networker

+ 1 Raido.

 

Hi Guys,

 

l would use this configuration:

 

On VMware workstation:

 

network adapter = BRIDGED. This is actually your management interface and you don't see it in the network TAB of the device

network adapter 2 = VMnet(X) This is actually your first interface = ethernet1/1

network adapter 3 = VMnet(X) This is actually your first interface = ethernet1/2

network adapter 4 = VMnet(X) This is actually your first interface = ethernet1/3

 

Worked for me 100 times.  Need assistance, let me know. Can do a quick remote session.  

 

Cheers

Highlighted
L1 Bithead

Hi Raido,

 

Finally, I have my PA work as intended. So, I did exactly as you adviced. Now I have:

Vmnet Bridged 192.168.0.10 - for MGMT

Vmnet Bridged 192.168.0.254 - for Intenet Interface

Vmnet LAN - 172.16.1.1 - for LAN interface

Vmnet DMZ - 172.16.2.1 - for DMZ interface

 

Thank you very much for your help. 

 

Cheers,

 

4kusnik

Highlighted
L0 Member

It works thanks for sharing 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!