VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not.

Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3526 Views
  • 0 replies
  • 0 Likes

Resolved! AWS ELB one to one relationship with backend

According to the documentation, if you don't have an ELB sandwich then there is a one to one relationship between the firewall and the back end server. I spoke to support and the answer was the fact that you can only have one ENI attached per subnet. My customer has an existing IAAS stack and wanted only 1 FW per AZ. But the proxy servers in the...

PerryK by L2 Linker
  • 3257 Views
  • 2 replies
  • 0 Likes

Resolved! AWS Transit VPC GitHub Solution Question

Does anyone know for the following solution (https://github.com/PaloAltoNetworks/aws-transit-vpc), if you have a shared services account where the Transit devices are going, if the initialize Transit CFN and the Subscriber CFN both have to be run in the same account?

AWS VM-FW, user integration with AD on AWS

Good day! How are you doing, guys? I've faced one situation about integrating User-ID in an AWS environment. The VM firewall is running on AWS, and a newly created server, which is the AD, is also running on AWS. I've checked both the VM firewall's and the AD server's communication with a ping check. However, whenever I've tried to integrate the AD users t...

VM-300 in Azure sizing and resiliency

Hi All, I'm trying to spec up a resilient HA solution for the VM-300 series PAYG bundle 1 option within Azure, and just need the following clarified: - if I were to purchase the VM-300 option 1 bundle (https://azuremarketplace.microsoft.com/en-us/marketplace/apps/paloaltonetworks.vmseries-ngfw?tab=PlansAndPrice) does this mean I also need to purc...

tchark by L1 Bithead
  • 6633 Views
  • 5 replies
  • 0 Likes

Resolved! Troubleshooting classic ELB

I have a support call scheduled for tomorrow but if anyone has any ideas about this that would be greatly appreciated. I deployed the classic ELB template example successfully. My customer then took the firewall.template and integrated it into their stack making it a nested stack feeding it all the parameters required. The firewalls come up in a...

PerryK by L2 Linker
  • 6275 Views
  • 5 replies
  • 0 Likes

Resolved! vpc-classic-v1.2.1.template issues

So I deployed this template exactly as described on the site. I kept all the default pre-populated settings where possible and used my own S3 buckets. Tried it both with and without nat gateways. This is with 3 AZ in us-east-1. All the AWS artifacts get created, the nested stack gets created, but the firewalls do not! I checked the logs from the...

PerryK by L2 Linker
  • 4025 Views
  • 3 replies
  • 0 Likes

Can PA block IP address in X-Forwarded-For ?

Hello, I built the sandwich type with external ELB & internal ELB. As you know, external ELB shifts original client IP to X-Forwarded-For. I enabled 'Use X-Forwarded-For Header in User-ID' and I looked at the XFF IP in the User-ID of URL Filtering logs. But PA has not shown XFF IP in traffic logs. I would like to block XFF IP using User-ID. If anyone knew ...

Resolved! Finding Serial # and CPU ID from AWS

So frustrating! I have been trying to register with Palo Alto so I can be authorized to use my VM I set up in AWS. No one I have asked seems to know where I can get the following information to use my VM and see the PA portal. If anyone can tell me exactly where I can find this information, please let me know. Thanks.


Resolved! VM-Series in Azure Marketplace charges

Some basic cost based questions here from a newbie: After deploying Bundle-1 of the PAYG VM-300 series from the Azure Marketplace: - if I "stop" the instance, I won't get Azure compute charge BUT will Palo Alto continue to charge me for the license or other misc charges? [I understand storage charges will continue] - will stopping the instance m...

kjsteven by L0 Member
  • 6580 Views
  • 3 replies
  • 0 Likes

Site-to-Site VPN from a Palo Alto Firewall in the AWS.

Folks, We have provisioned a Palo Alto Firewall in one of the AWS VPCs. This is essentially a single legged deployment and the function of this firewall will only be to act as a transit firewall. This firewall will have VPN connectivity to the corporate firewall and to some other remote VPCs. Traffic filtering will be done on this Palo Alto Firew...

nson2139 by L3 Networker
  • 18794 Views
  • 15 replies
  • 0 Likes

AWS securing outbound communication in private subnet

I've a private subnet in AWS that needs to be locked out from Internet access. But the instances in this private subnet need to access a specific set of hosts (say update.java.com, update.ubuntu.com etc). Obviously the IP addresses associated with these hosts are dynamic. Does Palo Alto Networks Firewall (or any other solution) solve this scenario? ...

foobar7 by L1 Bithead
  • 6270 Views
  • 5 replies
  • 1 Likes

Looking for a recommendation for Azure "internal Load balancer" when using PA redundant Firewalls

Hi, I have deployed redundant PA Firewalls with the internal Azure load balancer to provide resilience - this is working, however the "internal load balancer" has significant limitations. I am looking to see if anyone has any recommendations for a 3rd party load balancer (taking into account cost and operation in this environment). The limitations o...

alosty by L0 Member
  • 13424 Views
  • 10 replies
  • 0 Likes

IPSec VPN from EC2 server to remote Palo Alto possible?

Folks. I have a requirement for setting up an EC2 Windows server in a remote Amazon region for receiving files. On this server, I need some custom API stuff (easy) to allow file transfer from the Internet - but I also need a secure VPN to my normal site elsewhere so I can connect to several databases and other services which are *not* available ...

darren_g by L4 Transporter
  • 3072 Views
  • 1 replies
  • 0 Likes
  • 709 Posts
  • 107 Subscriptions