This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

Confirm if Azure App Gateway documentation is correct

https://www.paloaltonetworks.com/documentation/80/virtualization/virtualization/set-up-the-vm-series-firewall-on-azure/deploy-the-vm-series-and-azure-application-gateway-template/start-using-the-vm-series--azure-application-gateway-template/sample-configuration-file Address objects—Two address objects, firewall-untrust-IP and internal-load-balan...

Knowledge Base article Limiting access to AWS S3 buckets - Solution is misleading

Dear Knowledge Base Team, The article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClDICA0 discussing Limiting access to AWS S3 buckets contains wrong instruction. The author did not understand what was the difference between AWS S3 service and S3 bucket. It is impossible to deny access to an S3 bucket using AWS IP a...

JamesRen by L1 Bithead
  • 3728 Views
  • 0 replies
  • 2 Likes

Resolved! Quick Question about Azure AppGateway VM Series Deployment

We have an existing environment where Palo Alto VM Series was deployed by somebody who is no longer at the company.I was told that it has never worked. Primary purpose of the firewall is to secure inbound web traffic.Current configuration is: AppGateway->LB->2 VM Series->ILB->Web Servers VM Series VM's had 3 Network interfaces.I can ...

Palo VM300 Azure routing issues?

Working with a Palo VM300 series in Azure and have some issues that I just can't figure out... We have the VM inside of a 10.x.x.x/16 subnet. 1 subnet (10.x.x.x/24) carved for each of the interfaces (trusted, un, mngmt) and 4 more subnets for various other VMs and such. We have UDRs setup for all 3 interfaces as well as a UDR setup for the othe...

PA VM 300 behind AWS ALB

Hi All, Recently we have deployed PA VM 300 along with CSR in Transit VPC. Have implemented AWS ALB in front of palo for connecting to one of the web server behind the palo. Now, I want to connect to another webserver which is hosting a different application. I am confused how do we achieve this. abc.com ---> ALB(80)-->untrust(Nat to webse...

Seema by L0 Member
  • 2951 Views
  • 1 replies
  • 0 Likes

Resolved! HA configuration in the AWS

Folks,some what confused on how to start with this. I went through all the documentation which talks about an IAM policiy and definining roles ubt am not able to get where to configure this. My requirement is to have a firewall with an untrust/trust interface and a management interface. I believe I will need an additional HA interfaces as well. ...

nson2139 by L3 Networker
  • 3885 Views
  • 1 replies
  • 0 Likes

Azure - Access to External Azure resources

We have a servers running in Azure with a B2B. Recently they started using BLOB storage and to load the data into the blob it goes to a public IP outside of our B2B. We like to control where our Servers go out to the internet but the problem is that there 100's of addresses (maybe a 1000) that are used by AZURE in North America) Does anyone ha...

PaloAlto Redundant VPN tunnel with NAT-T between datacenter and AWS environment

Dear All, Can you share your views/suggestions for below questions. Thank you1. What is the standard best practice for setting up redundant VPN tunnel with NAT-T with PaloAlto between datacenter and AWS customer environment2. Can we have two PaloAlto FW in two different vlans as Active-Active configuration without any sort of sync between them b...

2x Transit VPCs in the same account?

I have built a Lab Transit VPC + Sub config and am planning to add Non-Lab Transit VPC + Subs config. I'd like to use the same account for both Transit VPCs. Has anyone tried this? I would prefer not to break the existing Transit-Lab by standing up another, hoping that someone has tried this before. Cross posted on Git.

jschamp by L0 Member
  • 3418 Views
  • 3 replies
  • 0 Likes

site to site IPsec tunnel between PA and AWS

HI members Has anyone had an experienced setting up a site to site tunnel between AWS and PA?I have set up the IPSEC tunnel on my PA (we did use the parameters as per aws downloaded file). The issue is if I use the server's public IP (actual source) on AWS end as in proxy ID instead of private IP, the other end can't access my server. In our en...

R_Sharma by L2 Linker
  • 5833 Views
  • 5 replies
  • 0 Likes

Resolved! AWS Transit VPC -VPN with PA VM-300

Hi, Did anyone built Transit VPC Deployment using Palo Alto VM-300 series firewall? We are planning to provision 1XVM-300 firewall appliance in each AZ of transit VPC. However I am concerned about number of VPN tunnels each device can handle? Are there any VPN limitatons with PA VM-300 running on AWS ? Thanks,

Networking-UDRs-in-Azure-Inserting-the-VM-Series-into-an-Azure

Hi Team, I am new to Paloalto and have some queries with regards to deployment of Paloalto on VM series Firewall on Azure. https://www.paloaltonetworks.com/documentation/71/virtualization/virtualization/set-up-the-vm-series-firewall-in-azure/about-the-vm-series-firewall-in-azure Upon search we found > The VM-Series firewall in Azure does not ...

sougata by L1 Bithead
  • 10605 Views
  • 11 replies
  • 0 Likes
  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks