This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

Deploy a "hub Template" in an existing VNET in other resource group

Hi,We have an error to Deploy a "hub Template" in an existing VNET, this vnet is in another resource group different to resource group used to deploy VM-Series. We used "Hub Deployment" https://github.com/PaloAltoNetworks/azure-autoscaling/tree/master/Version-1-1, and we understand that this script uses the same resource group as used for VM's. ...

MPoffal by L1 Bithead
  • 2287 Views
  • 0 replies
  • 0 Likes

Need to rebuild PA-VMs in AWS to support HA...

I need to rebuild some Palo VMs that were deployed poorly in an AWS transit VPC. I'm looking for suggestions to minimize headaches and work. The existing VMs are deployed as a firewall on a stick with a single management interface and public facing interface. The public facing interface terminates VPNs from several spoke VPCs as well as VPNs t...

VM Series to AWS VPN

Hi, My main aim is that I'm trying to setup a VPN between AWS and my VM Series.I so far have my Phase 1 and Phase 2 connections up. My AWS VPN has a static route to the remote CIDR, but when I try and send traffic over this (example ping or ssh to 172.168.1.5 from a server on the AWS side) I see no traffic hitting the the VM series.If I run a tr...

Can't access ssh on Palo Alto Networks VM-300 Bundle 2 on AWS

I launched Palo Alto Networks VM-300 Bundle 2 on AWS. Appliance is available via ssh and https, but I cannot login to CLI for the first time to change the admin password. I have the error below. ssh -i paloalto.pem admin@ec2-3-83-141-34.compute-1.amazonaws.comReceived disconnect from 3.83.141.34 port 22:2: Too many authentication failures for ad...

kpoadips by L0 Member
  • 2808 Views
  • 0 replies
  • 0 Likes

Associate multiple disks in azure vm using terraform

I am trying to create multiple vms and managed disk to associate after creation. I could see the disks are created and getting associated only for the first VM in the list. I am not sure how to assign the right index number in the below code.I believe Virtual_Machine_id is creating this issue, has any one came across the similar, please advice.'...

Resolved! Palo Alto logs to Cloudwatch logs possible?

I'm looking to see if we're able to push Palo Alto VM's syslogs and traffic logs to AWS CloudWatch logs. Just to be clear, I'm not looking to monitor Palo Alto metrics using CloudWatch but need to push logs from the firewall to CloudWatch logs. Is this possible at all? Thanks.

chrisjin by L0 Member
  • 10724 Views
  • 3 replies
  • 0 Likes

Global Protect behind Azure load balancer without NAT

I have a PAYG VM-300 behind an Azure standard SKU load balancer with NSG opened up. I used this first to test the management interface and could load balance this. However when I try this on the Global protect it fails. I have a default virtual router with a static route 0.0.0.0/0 to .1 from untrusted and a rule to 168.63.129.16/32 also to .1 fr...

AWS VM-100 (2 VCPU limit) on M4/M5.xlarge (4 VCPU onboard) - wasted VCPU?

Hello Experts, Please help to understand what happens when one runs AWS VM-100 (2 VCPU limit) on M4.xlarge or M5.xlarge (4 VCPU onboard).It works fine. But it seems like two of four VCPUs are staying idle in such setup. Would you agree?I tried to use CloudWatch to see core specific CPU utilization, it is only display overall stats and does not s...

SergGur_0-1599826668014.png
SergGur_1-1599826668018.png
SergGur_2-1599826668020.png
SergGur_3-1599826668025.png
SergGur by L2 Linker
  • 11690 Views
  • 7 replies
  • 1 Likes

VM-300 BGP ECMP Performance?

Hello, I was wondering if anyone has any experience or knowledge regarding the performance impact of enabling ECMP for BGP on the VM-300 series appliance in Azure. Documentation stated that there is an impact to performance as the overhead associated is processed via software vs hardware, but no metrics were provided with that statement. Some in...

Resolved! Panorama HA (Active/Standby) Deployment in Azure

Hello Our company has opted to deploy Panorama and Palo Alto Firewalls in our Azure. I am planning to deploy Panorama in HA (Active/Standby) in Panorama mode in our Azure. I have some questions and hoping you guys can help me I am using the below System Requirements System Disk: 1 x 256 GB (Premium SSD)CPU’s: 16Memory: 64 GBLogging Disks: 2TBA...

I cannot login to panorama in azure after downgrade from version 10.0 to 9.1.5.

HelloI deployed the panorama(version10.0) in my azure environment.After setting up, I realized that I must downgrade to version 9.1.5 due to several reasons.Therefore I tried downgrade with this manual site( https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/troubleshooting/downgrade-from-panorama-10-0.html )It seems panorama is down...

Routing the return traffic for on Prem network through Expressroute

We have 2 Palo alto firewalls in Azure using the so called 'load balancer sandwich.' In addition we have a Microsoft ExpressRoute for connectivity to our on prem network. Currently our Expressroute traffic goes around the Palos but the intent is to have the expressroute traffic also go through the Palos. So if I create a UDR for one of the...

Resolved! Panorama in Azure is not detecting the attached logging disks

Hello I deployed Panorama in Azure. I attached a 2TB data disk as a logging disk for the Panorama VM but when I go to Panorama CLI and run the command "show system disk details" it says "No Disks available". I found the below article in the knowledge base and tried the resolution 2 but it's still the same. Does anyone know how can I fix this pro...

  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks