This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3498 Views
  • 0 replies
  • 0 Likes

Automatic Variables

We have multiple sites. Each of these sites has a terminal number. For instance Orlando, Florida would be terminal 105 and New York, NY would be terminal 84 . When creating networks for our site, a user vlan gateway is always 10.terminal.140.1, for Orlando it would be 10.105.140.1 . Their DHCP range would be 10.T.140.100-10.T.140.200, so for Orl...

sskannan by L2 Linker
  • 985 Views
  • 0 replies
  • 0 Likes

Routing public websites via Palo in Azure?

I have a pair of VM-300 in a load balancer sandwich configuration in Azure. An internal load balancer is on the inside and handles outbound traffic. An external load balancer is on the outside and is intended for inbound traffic from internet. I can assign a public IP as the front end of the external load balancer. My first question - can a sin...

Help moving a Palo VM to another Azure region

Hi all, so I made a boneheaded move and set up our Palo VM in US East when I should have done it in US East 2. I'm trying to use the Azure Resource Mover tool to move it to a resource in US East 2, but it keeps failing at the "Prepare" stage. The error it's giving me is related to the Azure Site Recovery Agent on the Palo VM. I have no idea what...

Maxstr by L1 Bithead
  • 1581 Views
  • 0 replies
  • 0 Likes

Site to Site VPN Unable to Ping Azure VM

Hello. I recently setup our Site to Site VPN to Azure and am having an issue with pinging to Azure from OnPrem. The tunnel shows connected and I can ping my on Prem devices from Azure without issue. I used this article to setup the connection: https://thetechl33t.com/2020/11/18/azure-site-to-site-vpn-with-palo-alto-firewall/ I setup the ...

How to secure outbound traffic from Azure?

This question might sound stupid but I'm banging my head against the wall trying to figure out how to make this work and I cannot find any documentation anywhere on this website that answers this (simple) question. I'm trying to setup a VM Series Palo Alto firewall in Azure, to secure outbound (not inbound) traffic from my Azure virtual machin...

Resolved! Active/active gateways in Azure and Panorama

I have two gateways in Azure operating as an active/active pair. They use the load balancer sandwich topology. I'd like to manage the pair from Panorama. Having a shared policy appears to be difficult. The two can share a security policy easily enough. But the rules in a NAT policy reference IP addresses specific to a firewall. Example; a sourc...

Backup settings for firewalls

Hi Guys, I have a few firewalls VM series e and they are in production. The virtual firewalls' configs are being backup by panorama. Since we have multiple admins (systems & networks & managers) who can access portal and are able to create/modify network settings are there ways to prevent people from modifying the production settings...

tinhnho by L3 Networker
  • 2064 Views
  • 2 replies
  • 0 Likes

Internal eni in PA is not pingable from aws servers and f5

I have a PA and F5 vm deployed in aws management segment. I also attached an internal eni to PA vm to connect to f5 vm and f5 also has an internal eni from same subnet of internal eni as PA, and f5 also has an external eni along with elastic ip for internet access which is working fine, but im not able to ping internal enis eachother (ie., from ...

grr9949 by L0 Member
  • 1358 Views
  • 0 replies
  • 0 Likes

Set Password via AWS bootstrap

The documentation seems (to me) to be unclear on how to set a password when bootstrap'ing the configuration. It seems to be that you simply need to set a valid bootstrap config and it should take, however that is not working. It seems to be that the config took (we are setting IP statically on mgmt port) but the password configuration is not wor...

Resolved! Arm template azure-different zone

Has anybody successfully deployed VM's in Azure for palo alto? I have used the template, but no matter what I can't seem to put a fw in zone 2. Any help is appreciated. I've changed around the code, but can't get this fw into a zone: "variables": { "apiVersion": "2015-06-15", "imagePublisher": "paloaltonetworks", "...

WPhinney by L1 Bithead
  • 2124 Views
  • 1 replies
  • 0 Likes

HA A/P on AZURE IP floating

Hello, i configured HA actif / passif on azure when the failovor occurs the floating IP still on the First Firewall, she not move for the seconf that he becomes Actif. - all permiissions are gived -configuration is a same to the Knowledge base -test plugin is passed in logs i see that and i dont know what that's mean : 2022-06-29 17:41:54....

IMADHA by L0 Member
  • 4722 Views
  • 4 replies
  • 0 Likes

Resolved! Reducing the size of log collector disk from the minimum of 2TB.

Hello, We have configured Palo Alto Panorama ( VM series ) as a log collector and have 2TB disk attached which seems to be the minimum required storage. Now we are observing that it's very underutilized and hardly 200GB is being used. We want to save Azure Storage costs, so is there a solution to this, can we reduce the log collector size from t...

VM-Series on Azure - Packets received 0

Hello I would like to have your support. I deployed the following architecture in Azure. We have only 1 VM-Series at the moment. Based on the PA document for Azure, I created a Private subnet in vNet Hub zone (similar as the transit zone in the PA documentation). I created DSI and Project vNet with peering with Hub vNeet. We deployed an Azure ...

jeromecarrier_0-1680351707036.png
jeromecarrier_1-1680351816984.png
jeromecarrier_2-1680351837151.png

Palo Alto VM-series in Azure Vmware Solution

Hello, we have to deploy one Palo Alto NVA into the AVS Cloud of Microsoft. Unfortunately into the NSX-T environment of AVS is disabled the "service deployment" button so we cannot register the VM-Series firewall as a service. Is it possibile download and install the Palo Alto appliance as an .OVA file into the nsx-t environment ? Moreover ...

  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks