This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3508 Views
  • 0 replies
  • 0 Likes

VM series Firewalls not removing license on autoscale

So we have had a series of autoscaling VM series in AWS for a while now. We've had a slew of problems with them but the current one I am fighting is that they don't remove the license during an event. This means that the new spun up firewall fails as there is no additional credits for it to consume. The way my cloud team is telling me it appea...

Verac22 by L2 Linker
  • 1089 Views
  • 0 replies
  • 0 Likes

SSL Forward Proxy - Exclude certain IPs from decryption

Hi there, I'm running PA-VM (VM-300) version 9.1.16-h3 in Azure. I have configured response pages which work as expected. However, I cannot seem to stop decryption of SSL traffic for specific source IPs Out of frustration I have configured an any/any do not decrypt run and I can still cleary see SSL traffic being decrypted rather than just the c...

j.rowe by L0 Member
  • 1508 Views
  • 3 replies
  • 0 Likes

PAN-OS Upgrade / Downgrade procedure

I need to rebuild an HA peer for an existing NGFW in our Azure Production environment with minimal downtime. The existing NGFW was deployed as BYOL (Azure Source image plan = byol). The rebuilt HA Peer has been deployed as PayGo (Azure Source image plan = bundle1). The mismatched PAN-OS version is blocking HA peering and config sync. I need to U...

CarlNeal by L0 Member
  • 830 Views
  • 0 replies
  • 0 Likes

Resolved! Commit issue

Hi Team, I am using the VM-series FWs in Azure cloud, while commit I am receiving the following error. I am trying to change the DNS servers for the VM-series FW, as its not resolving the "updates.paloaltonetworks.com" After changing the DNS server & commit error received, Error while on GUI "Commit job was not queued since auto-comm...

vm-series with AWS GWLB

We are to deploy vm-series in AWS with GWLB. The docs says " To ensure that the VM-Series firewall can inspect traffic that is routed between VPC attachments, you must enable appliance mode on the transit gateway VPC attachment for the security VPC containing the VM-Series firewall."In my understanding, appliance mode is used to ensure the stick...

gongya by L3 Networker
  • 1050 Views
  • 0 replies
  • 0 Likes

PAN-OS Downgrade Resulted in Maintenance Mode with No Error Reason

Hello All, A bit of a weird one here: downgrading PAN-OS on a VM series NGFW from 11.2.0 to 11.1.4-h7. The device continually enters maintenance mode after it reboots to finish the installation process to 11.1.4-h7. The curious part is the maintenance entry reason: "No error entry reason detected". Please see the attached photo for clarity. ...

nohash4u by L3 Networker
  • 2134 Views
  • 4 replies
  • 0 Likes

Palo Alto VM Series Routing Problem in AWS

I am working on a greenfield proof of concept and I am running into some challenges. I am trying to get VPC A in Account A to route internet traffic through VPC B in Account B using VPC peering. The Palo Alto VM Series resides in VPC B. Is this configuration possible, or am I forced to use a Transit Gateway or IPSEC VPN? Account A / VPC A CIDR 1...

Not able to set the PANG admin account password after enabling FIPS-CC mode

Hello, When I set up my AWS PANG to FIPS-CC mode I am not able to set the admin account password. I tested the paloaltonetworks.panos.panos_admpwd module before enabling FIPS-CC and it works utilizing the priv key (RSA 4096). I successfully set up one firewall on FIPS-CC and set up the admin account password. My VM Mode Amazon AWSPANG Software V...

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3508 Views
  • 0 replies
  • 0 Likes

DHCP client Interface on OCI PA VM

Hi wondering if come one can help me and I am new to PA I have deployed an OCI PA instance and configured all interfaces as Layer 3 > attached a V-Router and a Zone to interface and selected DHCP client. Still the Ethernet 1/1 is not showing an IP through PA-CLI. Same steps as below URL https://docs.paloaltonetworks.com/pan-os/10-2/pan-o...

AWS Privatelink for Hub and Spoke Topology

HI all, Need some assistance with someone who has familiarity with deploying VM-Series FW in AWS w/ AWS Privatelink....our organization currently has an existing environment that we are currently leveraging TGW's for Interconnectivity between Accounts w/ a side of VPC Peering, tends to be a bit of a rodeo. This overall seems costly compared to...

Murph by L1 Bithead
  • 1306 Views
  • 0 replies
  • 0 Likes

Palo Alto Firewall in Azure backup

Got some PA-VM-FLEX in GCP and Azure. I could create a backup routine for the GCP ones, but, I can't complete a backup for the Azure one. Found some old topics saying it is not possible to backup VM PA in Azure with Azure backup. Is that true? So, if Azure Backup routine doesn't work, what's the way to backup the VM to restore in case needed?

isobrado by L0 Member
  • 4383 Views
  • 2 replies
  • 0 Likes

install PA into VMC

Hi, we have Vmware VMC (managed vmware env, with nsx) and would like to install PA into to create a separate DMZ. We have found multiple articles about doing this in AVS (azure's version of managed vmware) but not VMC. Can this be done? Posting an video on how to in AVS, but since we cannot modify the segment gateways in VMC not sure how to prop...

gjbrown by L0 Member
  • 536 Views
  • 0 replies
  • 0 Likes
  • 705 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks