Is the AWS VM limited to only 3 interfaces or can we add 3 more? I was reading there may be limitations associated with machine type but wanted to be sure before we went down the path of changing that.
Quick question for the community. I have setup and configured the Palo Alto VM series in Azure. Along with the management interface, the VM has “trust” and “untrust” interfaces. I have basically copied the rules over from our office Palo Alto devices
...
I have trail account VM series setup with global protect config, followed youtube video.
I see that login works fine but tunnel with external gw is not coming up. see following error. anyone who can help me ?
Hi all,
I got a weird situation when I deploy the PA NGFW on Azure, could you please give me some suggestions for resloving this weird situation?
After deployment, the VM will be restared and restared by itself with unknown reason, I try to connect t
...
Hello Community,
we´ve configured GP to authenticate via SAML to our Azure AD service so that we can use MFA on GP.
GP is only used by IT employees with their "admin" accounts.
So far, it seems to work fine how its configured.
The only problem we are f
...
Has anyone been successful in converting their VM-series appliances running in Azure Government to FIPS-CC mode? The SSH keys I created and allowed for FW management prior to the conversion were wiped out and resetting the keys via the Azure portal d
...
Hello there,
Currently doing POC and deployed a VM-Series with AWS Gateway Load Balancer/TGW mentioned here
I was able to inspect the traffic inbound traffic as my security vpc (TGW/GWLB/VMSeries)a nd Spokes VPC (Application) is in the same region. An
Hi All
Has anyone else had a play with the GWLB on AWS?
I've here a topology hub and spoke base on this link:
https://aws.amazon.com/pt/blogs/networking-and-content-delivery/centralized-inspection-architecture-with-aws-gateway-load-balancer-and-aws-tra
...
Hi All,
I want to configure Active/Passive HA on AWS, but both the PA-Instance should be in different AZ. How can we achieve this?
I have referred below article: https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series
...
Hello,
i want to do a packet capture on a VM interface using Network Watcher for some traffic on our VM-300 series NGFW but our CSP advises this is not possible. The extensions section in Azure seems to confirm this.
can anyone advise if this featu
...
I've got a rather bizarre setup that I'm trying to integrate with a new customer using a vm-series 300 in AWS. I have setup and established an IPSEC tunnel (that even comes up when we attempt to send traffic over the tunnel). Where it gets complicat
...
I've become stuck on an issue getting inbound traffic working to a resource in a subscriber VNET behind a transit VNET where firewalls are configured.
I think I'm missing something obvious, and thought I would bounce ideas off of the community here.
...
I am having the attached topology. I have two ipsec tunnel from two vm series paloalto to same peer ip which is in prisma cloud.
on trust side I have an Azure load balancer which would send traffic to 2 firewalls and having a health probe as ssh to
...
Hi all,
I am having recurring issues deploying zone protection profiles for VM series firewalls in Azure, from Panorama templates, revolving around SCTP settings, whenever I try to push the template the commits are failing with the below error -
Team,
We have the pair of PA-VM deployed in HA A-P mode. The log-forwarding facility is enabled and the logs are being forwarded to the external Syslog-Server.
It is noticed that the Passive node is not sending any logs to the Syslog-Server. Only the
...
TomYoung
on:
Design recommendation for PAN NGFW in AWS
