Rekey causes VPN tunnel to stop sending network traffic
Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.
Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.
Hi all,
May i know if anyone had experience setting up VM Series FW to ingest the syslog to Azure log analytic? Is it the only is to setup a new intermediate syslog server install with Azure AMA, the VM series will send syslog to the new syslog ser
...
Trying to figure out the ProductCodeID for each Palo Alto AMI on AWS Marketplace. On AWS, there are four of these: e9yfvyj3uag5uo5j2hjikv74n, a23dm9js55dw4ey8bzjcoq59u, 6njl1pau431dv1qxipg63mvah, hd44w1chf26uv4p52cdynb2o. On AWS GovCloud, there are s
...
Hello,
I tried to setup the nat, I can see my NAT and Security rule are being hit, but traffic is not flowing
Bundle 1
Interface Swap (tested this with no swap too, and it didn;t work)
All of the 3 interfaces disabled src destination
all of them same sg,
...
SSL decrytion works if i set custom url with host only like www.example.local, but failed to decrypt if i set it as 'www.example.local/image/'
i found article below, it should support custom url with host+path, but now i suspect will pan really s
...
I'm looking for some assistance on this issue whilst I progress a support case. Has anyone managed to get Active FTP working through a Palo VM-Series in AWS. I am getting a problem whereby the control connection outbound on port 21 is successful (y
...
There's plenty of discussions here and a couple of KB articles on adding disks to PAN VMs for extra logging space, but the only articles around for extending/increasing the size of the logging disk say to delete it and add a new one in its place. Dow
...
I am trying to setup an IPSEC Site-to-Site VPN between our azure and aws environment, both of which have VM-300 series fw's running. I am able to get the tunnel up and see traffic coming across the link, but when i try and reach a resource on either
...
Probably one of the most simple questions going, but coming from a large on prem environment, I'm trying to understand how its meant to look from an AzurePOV.
Typically, when we have a new server in say a /29 , i create a new sub interface for that vl
I have changed the instance type on my ec2 running PA-VM 10.2.4 from c5.2xlarge to c5.xlarged. As I know the VM license will be changed from VM-300 to VM-100 as well. After I changed, the VM License value on the dashboard was blank and the license wa
...
Hello Experts!
I have been given a problem statement and I need your help to understand this.
Problem statement: "How to configure and connect On-prem Palo Alto Firewall to manage Azure resources like Virtual Networks, Virtual Machines, etc."
Please
...
In the deployment guides and conversations I've had it seems that the PA-VM firewall in Azure is typically designed around only four interfaces: trust, untrust, mgmt, HA. Two zones only: Trust/Untrust. Subnets used to isolate traffic.
In my on-pre
...
I have PA-VA in Azure cloud, there is strange behavior for newly build VM 10.1.134.7 where logs are showing allow but machine not able to communicate to internet whereas existing VM 10.1.134.4 working fine.
I just added new VM 10.1.134.7 in the same
...
Just wanted to share my experience with recent project and make you aware of the change in Azure default behaviour, which can save you some troubleshooting.
As you may now, earlier this year Azure introduced Standard SKU for Load Balancers and Public
...
Can we get anyone explained the potential issues or risks when deactivating the PA-VM in AWS and reactivating them with different auth code?
Here is the use case:
We had a few PA-VM firewalls deployed in the different segments of our AWS environmen
...