Has anyone been successful in converting their VM-series appliances running in Azure Government to FIPS-CC mode? The SSH keys I created and allowed for FW management prior to the conversion were wiped out and resetting the keys via the Azure portal d
...
Hello there,
Currently doing POC and deployed a VM-Series with AWS Gateway Load Balancer/TGW mentioned here
I was able to inspect the traffic inbound traffic as my security vpc (TGW/GWLB/VMSeries)a nd Spokes VPC (Application) is in the same region. An
I have a "HA" pair of firewalls in Azure sitting behind an external Load Balancer. I have a FTP server that I have to configure behind the firewalls. I am able to connect locally to the FTP server and it works as expected, but when I point the FTP c
...
Hi All
Has anyone else had a play with the GWLB on AWS?
I've here a topology hub and spoke base on this link:
https://aws.amazon.com/pt/blogs/networking-and-content-delivery/centralized-inspection-architecture-with-aws-gateway-load-balancer-and-aws-tra
...
Hi All,
I want to configure Active/Passive HA on AWS, but both the PA-Instance should be in different AZ. How can we achieve this?
I have referred below article: https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series
...
Hello,
i want to do a packet capture on a VM interface using Network Watcher for some traffic on our VM-300 series NGFW but our CSP advises this is not possible. The extensions section in Azure seems to confirm this.
can anyone advise if this featu
...
I've got a rather bizarre setup that I'm trying to integrate with a new customer using a vm-series 300 in AWS. I have setup and established an IPSEC tunnel (that even comes up when we attempt to send traffic over the tunnel). Where it gets complicat
...
I've become stuck on an issue getting inbound traffic working to a resource in a subscriber VNET behind a transit VNET where firewalls are configured.
I think I'm missing something obvious, and thought I would bounce ideas off of the community here.
...
I am having the attached topology. I have two ipsec tunnel from two vm series paloalto to same peer ip which is in prisma cloud.
on trust side I have an Azure load balancer which would send traffic to 2 firewalls and having a health probe as ssh to
...
Hi all,
I am having recurring issues deploying zone protection profiles for VM series firewalls in Azure, from Panorama templates, revolving around SCTP settings, whenever I try to push the template the commits are failing with the below error -
Team,
We have the pair of PA-VM deployed in HA A-P mode. The log-forwarding facility is enabled and the logs are being forwarded to the external Syslog-Server.
It is noticed that the Passive node is not sending any logs to the Syslog-Server. Only the
...
Hello,
We need to deploy two VM series firewalls on AWS cloud in HA. Both firewalls will be in different AZ. I have below questions-
1. Is it possible to do such configuration?
2. If yes, please share any reference guide?
Thank you in advance
Hello... is it possible to install that Azure Network Watcher VM extension to enable traces and packet captures from the PA VM to the Azure gateway? It would be handy to help troubleshoot connectivity issues between the PA and the GW. Thank you.
I have a ESXI Server with firewall (Inside, DMZ and Outside) zones
Palo Alto has a rule to allow interzone traffice from inside to outside
Palo Alto has NAT configured for Outside Interface
When I try to ping from host to host on in the same port g
...
Hi team, we are working in a lab environment, following the recommended architecture manual:
https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/guides/gcp-shared-vcp-deployment-guide
We have followed
...
on:
Azure Deployment instructions don't work - web interface won't load
on:
GWLB Sub-Interface
on:
Azure refarch template broken
on:
Issues with Overlay Routing and AWS Gateway Load Balancer
on:
New interface at Palo-alto VM in AWS EC2 instance not turning UP
on:
When adding public ips to vm firewall, I want to know the maximum number of ips that can be added.
on:
Palo in AWS to Azure VPN Gateway
