This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

VM Series in AWS

Can anyone point me to AWS configuration information. I currently have my prem fw setup in a ptp vpn using AWS VPN gateway. Now i want ot setup a vm-series in AWS and i have a few questions.

GFN182 by L2 Linker
  • 3032 Views
  • 2 replies
  • 0 Likes

AWS Tags in Panorama

Is it possible to somehow populate the VM Information Sources information (which can collect AWS tags or VMware information) in Panorama? I am specifically looking to use AWS Tag information in a Dynamic Group(s) within Panorama. Doing this within the firewall locally appears to work fine, just not within Panorama.

Resolved! AWS ELB behind firewall with public HTTPS traffic forwarded to it

I have setup a classic internal ELB with traffic forwarded to 2 AD FS severs. Internally, by creating a CNAME entry with the FQDN for the ELB, the load balancer forwards to each of the AD FS servers as it should. I have the necessary NAT and security policies as well as policy based forwarding rule as this is the 2nd public interface with forwar...

Resolved! Update Azure VM agent on VM-Series

Hi, Does anyone know the command to run via SSH to update the linux Azure VM agent? None of the ones listed in URL below appear to work: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/update-agent Thanks,Jag

Resolved! How to configure "interface-management-profile" using Ansible.

Hello Paloalto, Do we have any playbooks to configure the "interface-management-profile" for the trust and untrust network post deploying Paloalto on AWS.... I do see that there is a CLI to do it but i'm more intrested to understand if there is a playbook to achieve the same... https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-C...

Anish123 by L1 Bithead
  • 5516 Views
  • 3 replies
  • 0 Likes

NAT commit failure in AWS

Hi , We have three PA firewall ASG's running in our environment. Everything was working fine since 23rd of August. On 23rd of August two of the firewalls have gone down and as a part of predefined auto scaling policy, two new PA ASG/firewalls spun up with issues. The bootstrap process for both of them have issues as they have not been updated wi...

Multiple public IP configuration on AWS

I require the same ports to be forwarded to different servers in our Amazon VPC. I've set up 2 interfaces each with their own EIPs and attached them to the VM-300. Traffic flows properly to the first server and the IPsec tunnels work through the first interface. Setting up the 2nd public interface with the same settings as the first and creating...

PA in Azure VM

Is anyone finding that the min VM required to run PA in Azure is expensive? It does not appear that it lets you size down teh VM ? Any recommendations thanks

Static NAT in Microsoft Azure

Need to Map internal server with Public IP (Static NAT ) with specfic ports exposed to the internet. I belive the public IP needs to be associated with Azure load balancer . Request some one to share the config of azure as well the Palo alto config .

Amaresh by L1 Bithead
  • 13446 Views
  • 5 replies
  • 0 Likes

ARM template Azure

We want to create a firewall with four or more interfaces (instead of the default 3) in Azure. We understand that for this to work, we will need to use ARM templates. I have downloaded the ARM-template from here and edited it to contain four interfaces: https://github.com/PaloAltoNetworks/azure/tree/master/vmseries-avset I have deployed my edite...

mathiasj by L1 Bithead
  • 6184 Views
  • 4 replies
  • 1 Likes

Building/Updating IPsec Tunnels Dynamically

Hi, We have roughly 30-40 VPN tunnels built to AWS from on-prem, each being used by a different business unit for development. What happens though, is during their process they are forced to blow away their EC2 instance and create a new one. AWS then assigns new public IPs to them. Is there any way for us to pull that information in and have our...

nicford by L2 Linker
  • 3004 Views
  • 1 replies
  • 0 Likes

Resolved! Cannot ping FW from CentOS connected VM

Dear experts; I have the following setup in Azure: CentOS-1 --------(fwVNET/Trust)-----FW----------(fwVNET/Untrust)-----CentOS-Untrust But I cannot ping FW interface even with all Mgmgt profiles and addresses configured (which are in same subnet obviously). All NSG's in Azure allow ICMP, and even SSH is not allowed. Can anyone help?

Resolved! Azure deploy avset github ARM template with managed disks

Hello, We are going to deploy a couple of PA firewalls with this templatehttps://github.com/PaloAltoNetworks/azure/tree/master/vmseries-avset It's a nice start, but we want some changes to be made. And I was hoping someone could help out with the following additions/changes. - Just one choice as vm size : DS4_v2- No storage account, but instead...

  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks