Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Use VM-100 With Could Provider - MAC Issues

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Use VM-100 With Could Provider - MAC Issues

Not applicable

We are trying to set up a VM-100 as the entry point to a virtual data center. We have run into an issue with the MAC addresses on the VM device not matching the MAC addresses on the Palo interfaces. We appear to be stuck at this point. Apparently it is not possible to change the MAC addresses inside the Palo. We approached the cloud provider about changing the MAC on their end, and were told:

Because of vCloud limitations... the MAC that must be used both at the vCloud layer and at the Palo Alto layer must be a VMware MAC.


Has anyone else attempted this type of setup? Any thoughts or suggestions? The only suggestion put forward by both the cloud provider and Palo Support was to enable promiscuous mode, which is not an option for us.

4 REPLIES 4

L6 Presenter

Hi Khansen,

PANW-VM can work in following combination.

1. Enable Promiscous mode and also MAC address Change for that interface.

2. Disable Promiscuous mode and hardcode PANW-VM MAC addresses on ESXi

Bottom line is you can never change MAC address of the VM.

In this scenario I dont see any solution.

Regards,

Hardik Shah

L6 Presenter

Hello Khansen,

Let me know for additional queries.

Regards,

Hardik Shah

Hardik,

As the MAC cannot be changed in the VM, and it also cannot be changed in vCloud, we have no choice other than to abandon this effort. It looks like we will have to use a firewall from another vendor.

Thanks.

Ken

Hi Khansen,

I would suggest to contact Sales Engineer for the account. They are master in Deployment, he should be able to provide some work around.

Have a word with him, and let me know for additional query.

Regards,

Hardik Shah

  • 2964 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!