Hello Nikolay, Doing as you have suggested, works fine. Thank you! I am very curious in trying the other alternative as well. I did not properly configure the VGT. So this must be the issue. Thank you again for your quick respons. Best regards!
... View more
Hello, I am kind a new with PaloAlto. I require some help with a scenario I try to put into practice in my lab. I have a strange situation in my setup. I have deployed a PaloAlto firewall virtual appliance on a ESXi host. And also created 2 Virtual machines. On PaloAlto, I have created a subinterface and assigned it to vlan 14 and an interface, assigned to Vlan 12. Vlan 12 communicates with the exterior. The to VMs are assigned to Vlan 14. No here is the strange thing. The vms can ping to each other, but they cannot ping the gateway, which is the subinterface I have created on PaloAlto, Vlan 14. However, the subinterface can be ping-ed if I try from outside the VmWare environment, via Vlan 12, from my phisical computer for example. The physical computer runs in a different network, and communicates with the vmware environment via a firewall, physical box. The firewall (physical box) communicates with PaloAlto using Vlan 12. Attached the config of the PaloAlto interface/subinterface fw and config for the virtual Nics in vmware. Both port groups in VmWare use the same physical interface, in VmWare. The interfaces in PaloAlto is configured to respond to PING. What exactly am I missing in order to allow the VMs to ping the gateway and allow them access towards other networks? Any tips much appreciated! Thank you in advance.
... View more