This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3501 Views
  • 0 replies
  • 0 Likes

Which VM-Series deployment model within vSphere allows for firewall insertion into an existing network and will also require additional VLANs for each

I need right answers of these questions. Any help please Q1.Which VM-Series deployment model within vSphere allows for firewall insertion into an existing network and will also require additional VLANs for each tenant or application boundary? A.Layer 2 B.Layer 3 C.Layer 7 D.Virtual wire (vwire) Q2. Which VM-Series deployment model within...

Slow webpage Load times

Have two Firewalls setup in azure with LB on the trust interface side and no LB on the untrust side. I am experiencing slow web page load times. Sometimes it doesnt even load or loads parts of the page. Any ideas what could be causing this?

Resolved! Bootstrap VM-series AWS firewalls not showing in Panorama

I'm currently trying to bootstrap a number of VM series firewalls in AWS using Terraform. So far, it appears to be mostly successful. After provisioning the firewalls, I can see the S3 bucket being used is successfully detected from the AWS console. I get the following messages: INFO: Media detected, Starting media sanity check INFO: Bootstrap m...

MartinE by L2 Linker
  • 2848 Views
  • 1 replies
  • 0 Likes

Resolved! New VM asks for password using SSH

I;ve installed a new firewall using Bundle 1, I get this error with a new VM One of them worked correctly, but after I killed it, I started to get these issues. Any idea what can be wrong?The PEM key is the proper one, created when I launched the machine This seems to happen after I killed the first "bundle 1 machine" and it said trial expired, ...

nronica by L1 Bithead
  • 9804 Views
  • 7 replies
  • 0 Likes

Multiple IPSec tunnels on one public IP on AWS

I am working with company that is using VM-Series appliances in AWS for site to site VPNs. The VPNs need to be up all the time but have low throughput requirements. To host multiple VPNs on one VM-Series they currently have to setup a virtual network interface, each with a public IP, for each VPN. They are looking to scale this method in a more ...

Cyfroice by L0 Member
  • 2954 Views
  • 1 replies
  • 0 Likes

Resolved! API keys for Autoscale with GWLB deployment

We are attempting to deploy Cloud Formation Templates to create the autoscaling groups and firewalls but there are some steps around API keys that are confusing. From the pictures seen below, we are being asked for API keys for the panorama, and for the firewalls, and then the csp lisence key. My confusion points are as follows: 1. For the fir...

Verac22_1-1677589320646.png
Verac22_0-1677589313584.png
Verac22 by L2 Linker
  • 2483 Views
  • 1 replies
  • 0 Likes

Azure internal load balancer and VM firewalls not working

We are attempting to internal load balance a pair of VM firewalls in Azure. The firewalls work when traffic is sent directly to the firewalls. But when the Azure internal load balancer is added into the mix no traffic hits the firewall. I have searched all over the Palo web sites, the live community and Internet, but have not found instructions...

Joel_W by L1 Bithead
  • 7209 Views
  • 3 replies
  • 0 Likes

Monitoring of external ip configured for vpn in Palo Alto vm firewalls deployed in Azure

Hi All, We have 2 Palo Alto VM firewalls (A: Primary & B: Secondary) deployed in Active/Passive mode for high-availability. These firewalls are deployed in Azure cloud and have multiple site to site IPSEC VPN tunnels configured with multiple vendors. Recently, we faced an issue when we were performing PAN OS upgrade on both the firewalls. ...

BilalM by L1 Bithead
  • 3126 Views
  • 4 replies
  • 0 Likes

Resolved! PAN-VM x-forwarded-for feature question in gcp cloud

Hello.I have built a simple sandwich structure test environment on GCP Cloud. ALB ↙ ↘FW1 FW2 ↘ ↙ NLB ↙ ↘SV1 SV2 However, in the PAN traffic log, XFF IP is only the IP of the upper ALB.GCP's official documentation confirmed that the XFF header contains both the client IP and the LB IP.I actually did a packet capture from the PAN, bot...

ttak87_0-1627279983422.png
ttak87_1-1627280162423.png
ttak87_2-1627280344002.png
ttak87 by L1 Bithead
  • 10695 Views
  • 9 replies
  • 0 Likes

HA in Azure with Extra Zones

Hi all, I've setup 2 VM series in HA in Azure for north-south traffic and it works well with the floating IP moving after a few minutes during failover. We want to add east west traffic flows with extra zones. Does the extra zones require the same interface configuration? 10.x.x.4/32 10.x.x.5/32 10.x.x.6/24 When adding an additional zone, is...

Dynam0 by L1 Bithead
  • 1152 Views
  • 0 replies
  • 0 Likes
  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks