This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

Azure ExpressRoute QinQ

We are moving to a new data center and i need to set up an Expressroute to Azure. The data center provides an L2 transit. This means i need an outer VLAN and and inner VLAN to setup the BGP connection. has anyone connected to Azure through a data center provider that only has L2? i can find Cisco docs for connections like this but nothing fr...

mcouch by L1 Bithead
  • 6601 Views
  • 1 replies
  • 2 Likes

Public Inbound Traffic not hitting the firewall

Hi Team, I have set-up a Palo Alto appliance in Azure and i am trying to allow public access (RDP) to a server in Azure via the firewall. Here's what I have done:Attached a public IP to the Untrust interface of the Firewall (NSG attached to allow all traffic)Defined this Public IP in Untrust ethernet in the firewallDefined a NAT and security pol...

How to secure DMZ and Internal traffic inside AWS Concept

Hi all, First, I 'm pretty with AWS...VPC is configured in the range 10.0.0.0/16.I have a firewall (PA VM) deployed with 3 interfaces (Untrust, DMZ, Trust).Untrust: 10.0.0.0/24, Internal : 10.0.1.0/24 (FW.1) , DMZ : 10.0.99.0/24 (FW.1).I created 3 Routing tables for each zone and assign each subnet into the RT.I changed the default route for rou...

Free Microsoft Course ware to Upskill During COVID-19

As a Microsoft Partner, GreyCampus offers a wide array of Microsoft official courseware to help you build real-world skills and gain Microsoft certification. In response to the COVID-19 situation, GreyCampus is providing access to Microsoft's Official Courseware free of charge for a limited period.Click here to Enroll for All Free Courses

Aws Tagging broken in Gov Cloud

Sorry if this isn't the perfect fit for this forum (I know it says public cloud). But here is the deal, we are currently attempting to use aws tags to populate address groups in panorama. We currently are attempting to do this with tags based on environment type and Business unit. So in panorama we have groups for example Development (for all de...

Palo Alto Azure - second trust interface routing issue?

I am doing a lab in Azure with a VM-300. I have the three interfaces - trust, management, and untrust. I have this model working to protect 2 additional subnets that have VMs, I achieved east-west and north south protection, including microsegmentation. However, I was wondering if I can add a new interface to control security policies by zones ...

Samebeef by L0 Member
  • 3063 Views
  • 1 replies
  • 0 Likes

Resolved! VM information sources Missing random Data?

I have successfully turned up our vm information sources monitor on the firewall, but it appears to be missing random data, information, vlans, and networking mostly. I'm wondering if this is in relation to a timeout that is occurring because our VM's are so numerous. How would one confirm this? Almost all of the vm's I can get info on, it...

Sec101 by L4 Transporter
  • 5478 Views
  • 4 replies
  • 0 Likes

How can i Create more than 4 security zones on VM-100 on Azure??

We have deplyed a VM-100 FW on Azure on A D3_v2 VM. The VM support maxium of 4 vNICs to be attached to the firewall and i used them as (mgmt, trust, untrust, dmz). now i need to create more 2 DMZz with a diffewrent Subnets and Security zone, which is not supported ? Do you have any ideas on how to solve this Case ??? i must have two other isolat...

Autoscaling in AWS version 2.1 -Getting error with Application Template

Getting the below error while launching the application Template. Not sure what could be the reason behind it. Embedded stack arn:aws:cloudformation:us-east-1:632512868473:stack/application-exp-13-DeployNLBLambda-4AMN36HWPBE7/d2898ee0-8c89-11ea-a806-12301089d57f was not successfully created: The following resource(s) failed to create: [LambdaCu...

Configuring S2S VPN for Paloalto Deployed in Active/passive azure by using External LB IP

I have deployed Paloalto in HA A/P in Azure i need to establish S2S VPN to Onprem but i dont want to use floating IP because the failover time is very long in production environment ,can I use External Load Blanacer PIP and Create Load Balancing Rule (UDP 500 , 4500) to establish this VPN instead of floating IP .

VM-300 on GCP..not forwarding logs to syslog server..

Hi Team, We followed instructions on setting up a syslog server profile as well as setting up log forwarding profiles. The log forwarding profiles are attached to both the zones and policies...but no logs are being forwarded to our remote syslog server which is on an the "internal network/trust network" of our PA architecture..... Any ideas of...

cm2020 by L0 Member
  • 3425 Views
  • 0 replies
  • 0 Likes

Resolved! Second Public IP for VM-300 hosted in Azure

Hi everyone, our PAN NIC in Azure looks like this Primary IP: 192.168.1.4/1.1.1.1 Secondary IP: 192.168.1.8/1.1.1.2. On the Vm-300 interface eth1/1 (outside) recieves 192.168.1.4 via DHCP which is working fine. But how do I map the secondary IP? In this KB https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClDBCA0 it says...

  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks