This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3527 Views
  • 0 replies
  • 0 Likes

AWS ALB/ALB Sandwich - issue with target group showing firewalls unhealthy (http - 80)

Configuration in AWSExternal ALB -> VM-series 300 (in 2 AZ) -> Internal ALB ->webserverThe target group of the external ALB shows unhealthy for port http/80 External NLB ->VM-series 300 (in 2 AZ)-> Internal NLB -> webserverThe target group of the external NLB shows healthy for port tcp/80 consistently Why is the external ALB...

Unable to get ssh key to work

Trying to spin up a firewall in the GCP environment but unable to get ssh key to work. Tried different keys including puttygen generated key. Also tried project metadata and instance metadataEx:resource "google_compute_instance" "fw-region" {count = 2name = "fw-region-${count.index +1 }"can_ip_forward = truemetadata = {ssh-keys = "admin:ssh-...

PaulPink by L0 Member
  • 3688 Views
  • 0 replies
  • 0 Likes

Resolved! AWS Availability Zones

For background, here is the scenario: Initially we were looking at a high availability setup with 2 VM appliances, however, there is a restriction to a single AZ in that approach because of how the “floating IP / ENI” works. However, this environment will span multiple AZ’s for redundancy and there is a published Palo Alto video on how they do t...

nrobison by L1 Bithead
  • 9065 Views
  • 3 replies
  • 0 Likes

Resolved! Can't get vr id(Module: dhcpd)

Hello, I have a Bundle 1 subscription Following thishttps://docs.paloaltonetworks.com/vm-series/9-0/vm-series-deployment/set-up-the-vm-series-firewall-on-aws/use-case-secure-the-ec2-instances-in-the-aws-cloud.htmlOnce I configure the network to get DHCP, I get the error.. after commit Can't get vr id(Module: dhcpd) and I can't get pass that. Th...

nronica by L1 Bithead
  • 21329 Views
  • 2 replies
  • 0 Likes

VM Series in AWS not reading boot config from bucket

Hello,I followed the instructions here: https://docs.paloaltonetworks.com/vm-series/8-1/vm-series-deployment/bootstrap-the-vm-series-firewall/bootstrap-the-vm-series-firewall-in-awsI only have config/bootstrap.xml, config/init-cfg.txt and the other three empty foldersI have set vmseries-bootstrap-aws-s3bucket=bucket_name in user_configThe instan...

Muttley by L1 Bithead
  • 4568 Views
  • 2 replies
  • 0 Likes

Basic AWS Setup

So I'm having troubles with a deployment ... seems like it should be super straightforward, but I'm just not getting any traffic through the Palo.I've got 3 subnet, private, public, mgmtI swapped the mgmt and eth1/1 interface so the EIP is applied to the public facing interface. I'm able to reach both the EIP and over VPN I'm able to access the ...

Panorama VM Series Cloud Plugin UserID

Hi Community, I ran over this piece of information "The plugin enables publishing custom metrics to cloud monitoring services (such as AWS CloudWatch), bootstrapping, configuring user credential provisioning information from public cloud environments, and seamless updates for cloud libraries or agents on PAN-OS."https://docs.paloaltonetworks.com...

Chacko42 by L4 Transporter
  • 3439 Views
  • 1 replies
  • 0 Likes

double vs single NATing in gcp for outbound internet gateway

We're attempting to deploy a VM series in GCP to act as an outbound internet gateway. All documentation we've been able to find shows the Palos NATing the original source IP to another private IP in a 'public dmz' subnet. GCP will then NAT this new private IP to a public IP to traverse the internet. Has anyone had any success with a deployment ...

Resolved! VM-Series in GCP - Panorama Plugin for GCP

Is there plans to add the VM-Monitoring feature to the Panorama Plugin so that Panorama can connect to the GCP environment to get attributes from the VM instances? From what i see now, the only method is to log onto each GCP firewall and configure the 'VM Information Sources'. It looks like the Panorama Plugin for AWS and Azure have this capabil...

Azure-2-Firewalls-Public-Load-Balancer

I used the Azure-2-Firewalls-Public-Load-Balancer 1.0 template to deploy two vm-series firewalls and a public load balancer. From there I spun up windows 2008 server for testing and added RDP to the load balancer rule but cannot get it to work. I have the NAT from outside > outside > destination untrust interface and then the translation...

Setting up an IPSEC VPN Tunnel on AWS.. Connects but no traffic..

Hello everyone. I am having an issue setting up a VPN from my Palo to my AWS Palo and was hoping someone can help. I did look at other AWS VPN issue but all i saw was issues with aws. This is something else. I have the tunnel up and established but traffic is not working. I see traffic leaving my palo over the correct tunnel interface but it get...

Planning to implement Panorama on VMware nsx

Team, i am not planning to implement panorama on vmware based soultion. i likely to know configuration and resources on vmware ( cpu sizse and ram ...etc..) we have to include maximum 50 palo alto devices into panorama. Panorama should be on both logger and configuration mode. where i can get trail image to upload on VMware.

MUmanath by L1 Bithead
  • 2346 Views
  • 0 replies
  • 0 Likes
  • 709 Posts
  • 107 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks