VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

Ultimate Test Drive (UTD) - Get “Hands On” With the VM-Series on Microsoft Azure

As we continue with our efforts to improve and enhance the public cloud UTDs, a new version of Azure UTD focused on VM-Series firewall in Azure is now available. In the latest version, attendees receive temporary access to Microsoft Azure to run the lab. No setup required and no Azure account required. What's new in Azure UTD v2.0: - Runs in Cloud...

rsingh by L3 Networker
  • 3738 Views
  • 0 replies
  • 0 Likes

AWS Transit Gateway

Hello, Is there planned AWS Transit Gateway integration? There is mention but no detail in this video: https://www.youtube.com/watch?v=6fhwoAwYrug Other than operational ease, the Transit Gateway advantages appear limited. Traffic between VPCs is not encrypted. VPC segmentation is via routing and does not traverse a firewall.

fwmike by L2 Linker
  • 16661 Views
  • 9 replies
  • 1 Likes

Resolved! Palo Alto Azure - second trust interface routing issue

Hello to all, I am doing a lab in Azure with a VM-300. I have the three interfaces - trust, management, and untrust. I have this model working to protect 2 additional subnets that have VMs, I achieved east-west and north south protection, including microsegmentation. However, I was wondering if I can add a new interface to control security poli...

Edwardo by L2 Linker
  • 16559 Views
  • 5 replies
  • 1 Likes

PA-VM GNS3 routing

Hello, I've configured two interfaces on my PA-VM (management 10.0.64.3 with VMnet0 - 10.0.64.0/24 and data with VMnet1 - 10.0.0.0/16). Management is directly connected to PC with Windows and Ethernet 1/1 to FastEthernet0/0 on my switch. I've configured trunk on FastEthernet 0/0 and I have a problem with interzone routing. Any solutions?

Werpet by L1 Bithead
  • 2370 Views
  • 0 replies
  • 0 Likes

Resolved! VM interfaces vmxnet3

Hello, I'm using PA-VM with PAN-OS 9.0.4 on GNS3 2.2.5. I've configured four VMnets (0 - management, 1 - LAN_IT, 2 - LAN_USERS and 3 - SERVERS). I've access to management on IP address 10.0.64.3 on Eth0 port. I can't configure traffic ports e.g. e1/1, e1/2 because I can't see these interfaces. Any solutions? Configuration VMnets, GNS3 and PA on sc...

Werpet by L1 Bithead
  • 4407 Views
  • 1 replies
  • 0 Likes

Private, Public, Hybrid?

Has your company gone fully cloud native? Are you just starting out? Somewhere in between? We're interested to learn what blockers you've experienced, and what sort of solutions you've found in your journey—from a security side or dev side.

More info on HA in Azure?

The documentation seems a bit light on detail. I have created a Service Principal in Azure and entered the data into my two firewalls as per these documents: https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-azure/configure-activepassive-ha-for-vm-series-firewall-on-azure https://docs.microsoft.c...

Resolved! Default route is not distributed to subscriber VPC - Bgp/Dynamic routing

Hello, currently doing a POC for Transit VPC setup in AWS with VM-Series firewalls and noticed that default route is not propagated on subscriber VPC routing tables. All the other subnets are propagating. Followed https://www.paloaltonetworks.com/resources/guides/aws-transit-vpc-model-deployment-guide as is but I'm using PAN-OS 9.1 and in the g...

Security Policy in VM-Series - Container and DAGs

In AWS environment we have containers that do the job and then terminate. How is it possible to do a security policy on containers? DAG is not detecting the IP Address used by container to egress out to internet. Secondly, how a single IP Address can be filtered for an instance that has multiple ENIs? VM Information sources doesn't list ENI as m...

Mubashir by L0 Member
  • 2565 Views
  • 0 replies
  • 0 Likes

Resolved! Azure bootstrap - indirect internet access

Hello, We are in the process of bootstrapping our ELA-licensed VM-series firewalls for use in Azure. The firewalls will not have internet access once spun up, so I am not able to simply load the auth code in the license folder. We will be leveraging Panorama to speak with the licensing server in order to load the licensed features on the firewal...

Dynamic Updates and Device Registration Failing in GCP. HELP!!!

Ok Gurus, I got a need for some help and visibility on this one... please... My FWs are virtualized within an open source (KVM) environment, that was placed into GCP back in June 2019. Somewhere along this week, when I first noticed that I am not getting my Dynamic Updates, cannot retrieve license keys from license server, nothing... I looked ...

DMZ setup on Transit VPC (AWS)

I'm just wondering if anyone has set up a DMZ on Transit firewalls in Transit VPC on AWS? Basically we need to have outbound to inbound NAT rule with an elastic IP address. Came across this link but not sure if this is the proper way of doing it. We would like to achieve this through a dedicated VSYS but open for different options.

Trial AWS VM not logging any statistics....

I'm running a trial of the AWS PA-VM product, and am not getting any statistics logged:

Logging statistics
------------------------------ -----------
Log incoming rate: 0/sec
Log written rate: 0/sec
Corrupted packets: 0
Corrupted URL packets: 0
Corrupted HTTP HDR packets: 0
Corrupted HTTP HDR Insert packets: 0
Corrupted EMAIL HDR packets: 0
Logs discarde...

megrez80 by L2 Linker
  • 3789 Views
  • 1 replies
  • 0 Likes