This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3500 Views
  • 0 replies
  • 0 Likes

Basic rule creation in VM-300 in GCP

Hi All, We are starting our journey with Palo Alto in GCP. We have FW up and running with 3 interfaces (MGMT-NIC0, Untrusted-NIC1, Trusted-NIC2). We struggle to create a basic rule which allows i.e. PING from the host located in Untrusted zone to the host located in Trusted zone. We can see the traffic going through the FW in the Monitor sect...

Multiple Static Route(s) for PA-VM in Azure

Hello all! I have successfully deployed a PA VM-300 in our Azure environment and I am a bit confused when it comes to setting up the virtual router for the networks. I've seen a few YouTube videos where people configure one VR with two or more static routes and others with multiple VRs, for example. Untrusted-vr & trust-vr. I have listed a f...

Azure Panorama traffic log custom filtering not working

New Panorama build in Azure. I can get traffic logs from firewall into Panorama However if I do a filter based on zone or application rule I get zero results Filtering only works based on IPs it seems. Open case with support but I'm wondering anyone is experience this issue with Azure Panorama Having problems with 10.1.10 and 10.1.11

 Integration of PA-1410 with Azure AD for Single Sign On

how to integrate pa 1410 with azure ad for single sign on 2) Customer has Azure AD environment which is multitenant, we need to check if multiple API integration is possible or not 3) BYOD authentication. To check if SMS gateway integration is possible for BYOD or Guests 4) For certain IP range logs should not be generated

Azure PAN-OS Software update no showing latest information

Hi all, may i have some idea how is the device -> software screen working logic? is it the firewall will use the management interface ( as per configure at the service route "use management interface for all" ), to contact updates.paloaltonetworks.com and pull all the information and show on the screen periodically ? or is Palo alto server wi...

limmengkiat_0-1695995747841.png

How to restore our Azure firewall setup if upgrade activity fails

Hello, Would like to know steps one needs to follow in case our devices hosted in the Azure Public cloud fails/goes dead during firmware upgrade activity. We have VM-series firewalls and Panorama on Azure. Our firewall pair in HA is implemented using "Custom Template" on Azure which creates two firewalls along with NSG, Load balancers etc. an...

How to add a Firewall for ALB which is connected to Global accelerator in AWS

I have implemented a security service VPC using VM series and Gateway Load balancer. in the case where traffic is coming thru the IGW, I am able to route incoming traffic from IGW to security VPC for inspection and then back the application ALB. However, I am not sure how to do this if my ALB is connected to a Global Accelerator (when traffic d...

KimSiah_1-1686721882301.png
KimSiah by L1 Bithead
  • 3193 Views
  • 2 replies
  • 0 Likes

Panorama and multi cloud orchestration

Hi, I'm looking into an auto-scaling deployment of PA's in Azure and AWS. Both will be managed by Panorama. What I'm not sure about is if both deployments can be managed by a single instance of Panorama located in Azure or AWS? Can anyone confirm if this will work? Thanks

stuartr by L0 Member
  • 2522 Views
  • 1 replies
  • 0 Likes

S2S VPN with Active/Active FW Behind LB

Hey all, we have 2 active palos in azure that are behind a public load balancer. have to create a S2S VPN between our tenancy and another orgs tenancy. has anyone done this before? not sure how can get this to work as traffic going through the load balancer seems to cause issues as its a long running connection. anyone know of any design guides...

catg80 by L0 Member
  • 2372 Views
  • 1 replies
  • 0 Likes

Need Help with Palo Alto IPsec VPN, Azure Application Gateway, and DNS Behavior

I have set up two Palo Alto VM-Series firewalls to establish an IPsec VPN connection. The goal is to provide secure access for mobile users via GlobalProtect while also utilizing Azure Application Gateway for load balancing and routing."http://www.dmvnow.wiki" Registration-Renewal Feel free to share your thoughts, suggestions, or even similar ex...

Time Synchronization for Azure VM Series?

What is the best practice for keeping Azure VM-series NGFW time synchronized? Microsoft doesn't recommend using NTP, but rather having the OS sync with the host infrastructure directly. Is this supported by Palo Alto VM series, or are there plans for it? Or is the recommendation for each organization to either use a public NTP server / maintain ...

Toivo by L1 Bithead
  • 3421 Views
  • 0 replies
  • 0 Likes

Splunk and Palo Alto Networks Integration in AWS: Log Data Discrepancies

Hello, Recently, in our organization, we undertook the task of integrating Splunk with our existing Palo Alto Networks infrastructure within our AWS environment. The integration process was fairly smooth, and we were eager to begin monitoring and analyzing our network logs using Splunk's capabilities. However, as we started to deep dive into t...

How to configure ingress to Azure Load Balancers with PaloAlto-secured network

Hi, I am looking to deploy external load public load balancer for controlling ingress traffic from Internet to Palo Alto VM-series deployed as active/active behind this load balancer. What will be the configurations on external load balancer and how will the NAT configurations if I am exposing application sitting behin my internal load balancer....

BilalMohd_0-1692814047644.png
  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks