This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

Resolved! Bootstrap Failure with Terraform Deployment to GCP

Unable to configure static IP address on management interface, and default password, on VM-Series GCP. I'm using code modified from the GCP-Terraform-Samples/FW-3-Interfaces/Variables.tf with Terraform v0.12.28. I've created storage bucket named "fw-bootstrap-bucket" with 4 folders, uploaded init-cfg.txt with "type=static" and an IP address to...

AWS Autoscale deploy firewalls only and add to existing NLB target groups

I've read the doccos on the current versions of AWS autoscale and they all seem very convoluted and create new applications and load balancers.What I am trying to achieve is to just scale the firewalls only and add to existing target groups and have Panorama push the configuration down. I know that version 2.1 does this but it looks as though it...

GCP Marketplace Deploy -- can't assign subnets

I am trying to deploy "VM-Series Bundle 1" by hand from Google Marketplace. In the "Networking" section, I can choose my "mgmt" VPC from the dropdown. But, there are no subnetworks to choose from in the "Subnetwork" dropdown. I created the VPC's and the subnetworks using a Terraform template, and they show up in the "gcloud compute networks...

Active Directory Log on and Azure

Hello all,I have set up a PAN cluster in an Azure environment and also extended the Active Directory domain controllers in Azure (configure site links and AD AD replication with Virtual Machines in Azure), I have Azure ExpressRoute in middle and all traffic from on-prem is routed via the PAN cluster. Now the issue I'm experiencing is that, on-p...

ghostme by L0 Member
  • 3484 Views
  • 1 replies
  • 0 Likes

Azure deployment. NAT rule assistance.

Howdy Group. I have a newbie question and wanted to ask the group. Maybe I am thinking too hard about it.Customer wanted a FW load balancer on both sides… and this was the screen capture of the solution. I have a nice easy question about incoming traffic and how it gets to its proper destination. My question is surrounding NAT and the need to ...

SteveCantwell_0-1591356510602.jpeg
SteveCantwell_1-1591356510609.png

HA on AWS

Hi,I would like to ask about PA FW HA on AWS.I am confused AWS said if we use loadbalancer or ELB ,we can not do PA HA.That mean even though I put PA is in front of ELB,we cannot do HA?vgw---->PA--->ELB--->ServersIf I want to do PA HA with ELB what should I do?if we deploy different availability zone,can we do PA HA ?

crypto by L2 Linker
  • 9198 Views
  • 8 replies
  • 0 Likes

Resolved! Azure natting and routing of internet inbound via Palo?

My Azure subscription will be hosting public websites. Azure handles the translation between the assigned public and private IP addresses for each website. My question concerns routing. Say i have a VM 10.1.1.10/24. The 10.1.1.0/24 subnet has a UDR which will send internet-bound traffic out through my Palo. But where can i assign a UDR for in...

Resolved! Azure No Arp

Hey All, I'm coming across a weird issue here. We have two subents in Azure. Let's call them Subnet1 and Subnet2 Subnet1 has a UDR to point traffic to the internal interface of the firewall. This works, we see the traffic come into the firewall. We don't see any return traffic from the server in subnet 2. There is a static route pointing to the ...

Issues Deploying PA VM in Azure with ARM Template

I need to deploy a PA VM in Azure, and cannot use the market place since I'm deploying in an existing Resource Group. When I try to deploy using the ARM template from github, it fails saying the subnet names are not valid in my vnet. I've tried creating the subnets with the exact names prior to deploying the template, and just creating brand new...

roll back mgmt-interface-swap=enable

add this to the user data on my vm instance after it was already configured.Not the brightest choice..The PA VM has become unreachable as a result and I'm trying to figure out how to roll this back. Is that possible?Can't find any documentation on rolling back this. Triedremoved the user-data and mgmt-interface-swap=disable. Unsuccessfully..Reco...

Unable to communicate eth1/2 interface

Hi Guys I have come here with lot of hope , I am doing my masters project and for that purpose my topology .My goal here is to show how paloalto can block the threats with its inbuilt IDS IPS ,url filtering , block traffic etc but right now I am facing a issue setting up a network I configured ping management on the firewall also I configured th...

PA Azure no public traffic ingressing

Hi Team, I've set up a public load balancer, with its respective backend pool pointing to the firewalls untrust interfaces and a test load balancing rule, but no matter what, nothing is ingressing on our public interface! The weird thing is, the untrust interface the firewall has, also has a public IP attached to it, and I'm not seeing any gener...

  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks