This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3543 Views
  • 0 replies
  • 0 Likes

Resolved! Setting up an IPSEC VPN Tunnel on AWS

Hi Palo Alto community, I've been trying to follow this guide to set up a static IPSEC tunnel on AWS between two VPCs but having a bit of trouble:https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000D8OjAAK&field=Attachment_1__Body__s This is my network diagram: This is my configuration for the firewall in VPC A...

range drawing palo alto.png
1.PNG
2.PNG
3.PNG

Resolved! AWS Totally Noob Question - Routing

Hi All, I've just deployed my first VM series firewall in the AWS Public Cloud. I've made the security groups, attached ENIs to Network Interfaces, I can get to the GUI and I can see my traffic coming into my untrust interface just fine. On that untrust interface, I'm hosting a GlobalProtect Portal but can't access it. The traffic shows no retur...

AWS GuardDuty lambda rule generation

Hey all,I'm attempting to use the GuardDuty integration that's on github here: https://github.com/PaloAltoNetworks/pan_guard_duty I've gone through all of the steps but I get an error local and in lambda of:python lambda_fw_config.py<test_event.json[Lambda handler]Received event: nullTraceback (most recent call last): File "lambda_fw_config....

AWS changing aes for ike and ipsec doesnt allow traffic to pass

Hello,We have a successful tunnels to our VPC and traffic is passing. We used the AWS downloaded cofing to guide us on the PAN side. Now when I change the ike and ipsec settings to different ciphers, say from aes128 to aes256 the tunnel stays up and is extablished but we cannot pass traffic. Anyone else run into this? Thanks in advance!

Resolved! Azure vm-monitoring script for many subscriptions

Has someone used azure-vm-monitoring script to query VM-information from more than one subscription?The case is that we have many subscriptions and willing state is to use single instance of vm-monitoring script to query all the VM's from the all subscriptions and push that info to firewalls. What are the options?

ilkleh by L0 Member
  • 4846 Views
  • 3 replies
  • 0 Likes

Resolved! AWS ALB/NLB Sandwich - Cloud formation deployment failure.

Afternoon, I'm just curious if anyone has run into this before. I've tried 3-4 times today to deploy the ALB/NLB Load Balancer sandwich to no avail. The deployment guide seems pretty straight forward but still not having much luck. It seems to get to this spot, then fails back. Cloud Formation - Status: ROLLBACK_COMPLETE. I've tried in the Eas...

screenshot.jpg

PAN-VM Admin password problem on CLI and Web after PANOS upgrade

I did deploy pan-vm-300, with an ARM template, on the template I defined admin account and password. I got access and everything was operationalI upgraded it from 8.1.0 to 8.1.3. after that I am not able to log back in with the original credentials used on my ARM template.do anyone have an idea what is happening? Thanks in advance.

Kaliman by L2 Linker
  • 3362 Views
  • 1 replies
  • 0 Likes

Using the ELB Scaling v2.0 cfn templates

Hi, I am trying to use https://github.com/PaloAltoNetworks/aws-elb-autoscaling/tree/master/Version-2.0 for setting up a PoC. I went through the docs and was able to get a pair of PANFW running with some changes to the IAM roles required as per the cloud formation templates. The ALB (ELBv2) is exposed on port 80 on the frontend. But ALB seems to ...

jerrygb by L0 Member
  • 2354 Views
  • 0 replies
  • 0 Likes

AWS Multi-AZ HA Palo deployment with three zones

Hello, I'm looking for any walkthroughs using lambda functions to move the EIP between Palo's in two Availability Zones. My assumption would be EIPs in two subnets for each of the three zones. How to accomplish access to Prod and DMZ:S2S VPN connections to the Palos to prod and DMZ. ELB endpoints to Prod and DMZ. For public IP address, I assume ...

Palo Alto HA in AWS.JPG
Coveny by L0 Member
  • 2980 Views
  • 0 replies
  • 0 Likes

Resolved! AWS IPSEC VPN ISSUES with redundant tunnels

Hi We have around 6 different IPSEC tunnels configured on the PAN with AWS. However we are trying to troubleshoot an issue, which we think could be related to as asymmetric routing. For e.g if traffic is send from one tunnel, and AWS sends it via the 2nd tunnel, the PAN will be dropping these. So we have temporary disabled one of the active tunn...

  • 709 Posts
  • 107 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks