This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3528 Views
  • 0 replies
  • 0 Likes

Resolved! VM-series deployment issue via Panorama Orchestration

HelloI've tried to deploy the VM-Series in Azure via Panorama Orchestration mode (Panorama is deployed in a RG in Azure),I have only NAT GW and IP Public prefixes which are implemented (see screenshot below).The rest of the components are not deployed in Azure. Despite the 'success' message in Panorama.Anyone be faced with this behavior?I put th...

2022-03-14_16h03_25.png
2022-03-14_16h03_15.png
2022-03-14_16h03_06.png
2022-03-14_16h35_12.png
FatihT by L1 Bithead
  • 3396 Views
  • 2 replies
  • 0 Likes

Azure VM Series - Peered VNET traffic does not go outbound

I have created a VM series in Azure. I could see that the traffic from trusted subnet (from VM1 in the below diagram) is able to go outbound to internet, however traffic from a peered VNET (from VMs in the subnet1 in the peered VNET in the below diagram) shows "incomplete" status in the logs. I have a route table that routes the traffic from the...

Palo-Arch.png
msazure by L0 Member
  • 3748 Views
  • 2 replies
  • 0 Likes

Sizing a azure VM firewall

Hi Team,There is a situation where I need advice w.r.t Paloalto VM series firewall in azure. Currently, we have deployed Firewalls behind azure public load balancer in Active/active mode. Now there is a requirement where I need to deploy these firewalls in Active/passive and I am confused on how to check the load on VM firewall as they are getti...

all protocol NAT in azure load balancer

Hi Members, I have deployed paloalto VM in Azure public cloud and I am in middle of migrating a voice application which uses around 30k ports .Now challenge is that on azure external load balancer , how should I implement all protocol Nat as it external LB doesnt have that feature.For ex if my application hits on port XYZ on load balancer , the...

Resolved! PA in Azure and Public front LB

HelloI'm considering to implement PaloAlto VM-series in Azure in 'autoscaling' mode.This involves to have an App GW and a Standard LB in front of the firewalls.My questions are, as follows:In addition the deployed Azure App GW, is it possible to have additional Azure App GW?the aim is to have multiple public IP address (by default App GW can hav...

2022-03-04_15h13_13.png
FatihT by L1 Bithead
  • 3434 Views
  • 1 replies
  • 0 Likes

Identify file name from POST data

I have successfully been able to capture Get/Post data when uploading files to a website, using Custom Application Signature from the firewall and followed this link https://docs.paloaltonetworks.com/pan-os/u-v/custom-app-id-and-threat-signatures/custom-application-and-threat-signatures/create-a-custom-application-signature.htmlI now, want to se...

zHama by L0 Member
  • 1882 Views
  • 0 replies
  • 0 Likes

VM Information Sources AWS & NLB Dynamic Group

Hi, I am trying to find a way to build a DG around AWS VM Information Sources. I can do EC2 instances easy enough but struggling to find a way to dynamically pull in Load Balancers and other AWS resoures (Red Shift). Is there a way to have those monitored in DG without statically adding them

Azure webserver access from load balancer and palo alto firewall

Hello Tech Gurus,I am very new to azure and have knowledge on palo alto on-prem firewalls,I have the below requirement where I need to build the network in azure cloud Laptop--> Public Load balancer --> Palo alto FW --> WebserverBut when I configured the load balancer back end pool as palo alto untrust port and open https for managemen...

sudha346 by L0 Member
  • 3313 Views
  • 2 replies
  • 0 Likes

Azure Palo Alto VM Setup - QA/Dev/Prod/Stg

Hi, I has successfully deployed the VM-200 series in our Azure subscription. Trying to figure out how to do the segregation of environments (QA/Dev/Prod/Stg). Currently setup as Hub-and-spoke, the trust interface is connected to Core Subscription which will be use to setup, AD, Proxy, GW subnet and so on. The un-trust interface is associate with...

Paloalto Firewall and VPC peering

i am confuse AWS network firewall and peering section.As per AWS documents, it said**AWS Network Firewall cannot be deployed to inspect traffic between VPCs that are peered together; **this mean AWS network firewall cannot support. So let me know paloalto can support below scenario ? i did vpc peering VPC 1 (10.1.1.0/16)and VPC2 ( 10.2.1.0/16).V...

crypto by L2 Linker
  • 9718 Views
  • 10 replies
  • 0 Likes

GlobalProtect on VM-500 on AWS

Hello Palo Community I was testing GlobalProtect on my Free Trial on VM-500 Firewall in AWS, I got the configuration correctly and everything Tried to connect with the Globalprotect client, it asks me for User and Pass, and the certificate, So I can confirm configuration wise Im "good", but after that I get a Gateway Unreachable error. I was won...

  • 709 Posts
  • 107 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks