Hello,
I'm setting an Active/Active PA design with Azure ILB for traffic balancing, my backends are PA firewalls on each of their interfaces (I'm using 6 interfaces)
Azure ILB uses the same Public IP to monitor health status of all the backends https:
...
Loopback is configured on router in at a HUB site and we want to ping the IP of an instance in VPC-1.
We are advertising the loopback IP (/32) from HUB site as shown in the above diagram. Loopback will be advertised from Hub site to TG (Transit g
...
We are going with hub and spoke model, PA being the hub. When we peer a spoke VNET with the hub does the subnets in peered spoke also go through intrazone rules.
Spoke-vnet - (subnet1, subnet2).
Would subnet1 <> subnet2 communication pass through int
...
On AWS we have deployed Application Load balancer after firewall. Can we configure ssl inbound inspection in this case?
Will it work properly, whic certificate we have to import on firewall, server certificate or ALB certificate?
Hi Team,
On public cloud Azure, why we need to translate source address also for Destination NAT?
When i am translating source with trust interface IP it is working fine but when i am keeping the address as original it is not working.
Kindly let me kn
...
I am trying to POC a scenario for my customer in AWS with dual Palo Alto in HA within same availability zone. (We need to build a site to Site VPN tunnel from on-Premises to AWS Palo behind IGW)
I am facing a strange issue. I an not able to reach the
...
We have deployed vm-series 300 in AWS recently and put our production site behind it, but we are seeing a performance degradation, the website is taking around 2-3 mins to load for the first time which normally it didnt take, we have not put any url
...
Hello,
I had 2 VM-series firewalls running 10.0.3 in AWS which I had connected to my on-prem Panorama also running 10.0.3.
All looked fine until I made a change to the security policy and executed a commit & push to the VM's.
After this the Panorama com
...
We received a report of some connectivity issues with an IPSEC tunnel between a Palo 5220 (9.1.8) and Azure VNG
Looking at this deeper, we see an odd rekey pattern happening with the IPSEC Rekey. Every 4th rekey is a non-rekey and occurs short. Can
...
Hi Palo Alto Support,
How can we deploy Palo Alto HA (Active/Passive mode) in existing Network & Application Gateway on Azure.
We are using Application Gateway & Web Servers and now we want to deploy Palo Alto Firewall between Application Gateway and
...
How can we add interfaces to a PLao Alto VM because using Dashboard deployment, just 3 interfaces are deployed but in PAYG deplymnet for VM-300 4 interfaces are supported.
I am building some PA VM's behind GWLB.
i would like to do traffic between VPC's to flow through this GWLB and TGW which appears to be possible however i can not find any documentation on how to seperate these into different Zones within the palo. I
...
Hi all,
I am a new Palo Alto firewalls learner, I start the lab which has 2 PA-VMs direct connected (in the purpose of testing VPN site to site) but it can't ping to each other it showing destination unreachable. I had tried to configure Interface ma
...
Recently, we've been having an issue with assigning secondary IPs to our Azure PA VMs where if we add a new IP, it doesn't seem to apply until we add a second IP. After the 2nd IP is added, the first starts working but the 2nd doesn't work. The Palo
...
My Azure region has recently become availability zone capable. Is there a recommended process for converting/migrating Palo VM firewalls so they make use of this feature?
PavelK
on:
Azure PAN-OS Software update no showing latest information
aleksandar.asta
aleksandar.asta
SutareMayur
on:
HA setup in AWS
TomYoung
on:
Need Help with Palo Alto IPsec VPN, Azure Application Gateway, and DNS Behavior
TomYoung
on:
How to configure ingress to Azure Load Balancers with PaloAlto-secured network
