Hub and Spoke VPN

Hello,

We have one PA firewall in azure cloud and rest we have Sophos on Mutiple sites with Dynamic IP's

We want to configure Hub and spoke VPN. with all sophos means PA site is Hub and rest of the site Spoke we dont want mutiple tunnel of each and

Azure PA HA DNS

Hello community 

I'm running an v9.1.x Active\Passive cluster on Azure and we had several problems with the "quick" failover.

Because I need the firewall(s) to perform DNS resolution on internal fqdn objects I had them configured with private DNS serv

AWS Reference Architecture, Subnet Sizes and Automation

1. The AWS Reference Architectures (AWS - Palo Alto Networks) and associated automation libraries all use a /16 CIDR for the Security VPC and a /24 for each subnet - including those for the TGW attachments and GWLB endpoints. AWS recommend deploying

Paloalto GWLB cluster IPsec tunnels with on-prem

Dear Team,

I want to deploy Paloalto 2 - VM-300 with integration of GWLB on AWS. both will be active and passing the traffic.

However i have referred Paloalto documents with two-arm mode and one-arm mode.

I will be having an IPsec connectivity

Unable to access the web end point when the VM series is deployed in Azure availibility zones

Hi Team,

I initially deployed firewall VM series in no zones.  Created each VM with the 3 interfaces(Management with public ip address), when It is deployed in no zones, I am able to access the web endpoint using public ip of the mgmt public IP.  h

Session synchronization for Azure VM series bundle2 with Applicaion gateway

Hi Team

Public cloud : Azure 

Plan : Bundle2

We are planning to setup the Azure VM series Palo Alto  on Azure cloud for one of the clinet and use the Application gateway as the load balancing solution.
as per the documentation(https://knowledgebase.palo

AWS: GWLB endpoint mapping in Central Design Model

I'm trying to understand the use of GWLB endpoint mapping in an AWS Central Design Model deployment, other than separating VPC traffic flows from that of the GWLB itself - or separating outbound from east-west.

In this model, the source zone on the

Configuration demonstration of this procedure

Hello;

I´m trying to deploy the next configuration https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClDBCA0#:~:text=As%20a%20reminder%2C%20multiple%20public,Multiple%20public%20IP%20support%20here. in azure, But I´m having is

How Do I create Multiple IPSec Tunnels in VM-Series on AWS from One VM to another VM In Azure?

Hi,

I am interested in knowing if we can create multiple IPSec Tunnels from a Palo Alto VM FW in one cloud to a Palo Alto VM FW in another cloud and bundle them together to get higher throughput to interconnect Public Clouds like AWS, Azure, OCI an

Amazon EC2 Maintenance: Instance scheduled for reboot "VM Series"

We recently got the following message from AWS regarding one of our VM Series firewalls:

"One or more of your Amazon EC2 instances are scheduled for maintenance. These instances are listed in the Affected Resources Tab. During this time, the instan

HA gateway pair in Azure?

In 2020, i worked on implementing a HA pair of VM300 gateways in Azure. At that time, use of API calls for node failover was problematic (several minutes for failover to complete), so the "load balancer sandwich" approach was taken.

Now, in 2024, h

GCP VPC Peering

Hi,

We are deploying PA VM in GCP (Common Firewall Deployment Architecture). Deployment Architecture is attached.

In Trust VPC we have configured Internal Load Balance (TCP), Created VPC Peering between Trust VPC & Web VPC.

From Trust VPC Instanc

High Availability on Public Cloud

Hi,

Does any one has implemented Palo Alto NGFW in HA on GCP.

If yes, than what will be the requirement for the same.