This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
VM-Series in the Public Cloud
The VM-Series is the virtualized form factor of the next-generation firewall. Use this discussion as a resource to discuss VM-Series deployments across public clouds like AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud, and Alibaba.
About VM-Series in the Public Cloud

Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.

Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.

Discussions

Start a conversation

Welcome to the VM-Series in the Public Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 3502 Views
  • 0 replies
  • 0 Likes

Palo Alto Admin password reset in AWS

Hi There, If you encounter issues with forgotten admin or user passwords and are unable to log in to the firewall, you can access the firewall EC2 instance using the instance key pair and reset the admin password from there. There's no requirement to enter maintenance mode or perform a factory reset on the firewall. Enter the following co...

anuragk by L0 Member
  • 4227 Views
  • 1 replies
  • 1 Likes

Resolved! Core content from the show running resource-monitor command on a VM series firewall

The show running resource-monitor outputs the load rate for each core in the cpu usage part.It is evenly distributed in each core, so there is a case where there is no load factor, but only one output.At this time, I would like to know if the output to only one is really the load rate generated from that core or the load rate generated from all ...

Dasome_Kim_0-1711527775435.png

site to site vpn using a PA inside Azure

I'm trying to get an ipsec vpn working with a Palo gateway instance inside of Azure. Because Azure handles the public IP, and the Palo has no awareness of it, i expect NAT traversal will factor heavily. Has anyone got such a topology working? An old thread on this subject suggests that this is not the recommended approach - that Azure native v...

GCP Commits Taking long time

We have a couple VM-Flex(8-CPU) firewalls in GCP. Over time the commit times on these boxes have been going up. At this point they take nearly 30min to complete a commit from a Panorama push. This doesn't seem normal. We are using the Palo Recommended VM, and we are currently running 10.2.4 code with different hotfix versions on Panorama and the...

dkane66 by L2 Linker
  • 3898 Views
  • 0 replies
  • 1 Likes

Azure ALB sandwich with vm-series

Dear Team, I am aware that Sandwich deployments are possible on AWS. I would like to know if Sandwich configuration is possible on Azure as well. Azure knows that only one load balancer is connected. If anyone has a successful sandwich configuration, please let me know. I would appreciate it if you could share any related documents. ...

VM Series Licensing Methods

Hi Team, I have an doubt regrds the BYOL and PAY AS YOU GO methods in VM series. First can i use the credits in both the methods BYOL PAYG? If yes than how we can use it Second as per my understanding the BYOL require the auth code from the Customer support portal utilizing credits first ? for example if i buy 100 creds so i need to done ...

Resolved! VM-Series bootstrap in AWS - content packages not getting installed

Hi everyone, I am currently trying to register a newly created VM-Series firewall to Panorama.The bootstrap process is working and the firewall can register to Panorama, nevertheless, it cannot apply the configuration pushed by Panorama since the content update packages are not installed and therefore some objects like EDLs from Palo Alto are no...

Restore Szenario for Azure PA_VM

As I'm searching for any kind of backup/restore concepts for a installed PA_VM from Marketplace in Azure, I did not find much.Scheduled config.xml backup is implemented and stored external. What else should be done to have a good working restore concept, or is recommended to have a HA installation? If the FW VM fails in any way is it possible t...

T.Sinner by L0 Member
  • 1124 Views
  • 0 replies
  • 0 Likes

create vpn nodes on cloud

Hi i would like to use palo alto as a 4 nodes vpn gateway on cloud, how can i configure them? do i need load balancer in front? back? can't find documentation on how to setup palo alto nodes on cloud that will be used for vpn gateways thanks

kalledog by L0 Member
  • 1096 Views
  • 0 replies
  • 0 Likes

VM Series in Azure Active/Active

Hi I would like to have this configuration (see picture) for both inbound, outbound and east west and on prem via vpn and expressroute Is that the best solution to achieve this? are all the firewalls active active? I cannot find documentation on setup of this active / active Thanks

Screen Shot 2024-02-08 at 13.18.23 PM.png
kalledog by L0 Member
  • 2249 Views
  • 2 replies
  • 0 Likes

Resolved! Clarity on Overlay routing with GWLB for Combined (Centralized Egress + Distributed Ingress) deployment model

Hi, I am looking for some clarity on the Overlay routing feature on VM Series FW. I am using the Combined (Centralized Egress + Distributed Ingress) deployment model described in this Securing Application in AWS - Centralized Model Deployment Guide. In this pattern, overlay routing is enabled so that the FW can handle both inspection and NAT...

Screenshot 2024-02-04 at 1.31.23 PM.png

Hub and Spoke VPN

Hello, We have one PA firewall in azure cloud and rest we have Sophos on Mutiple sites with Dynamic IP's We want to configure Hub and spoke VPN. with all sophos means PA site is Hub and rest of the site Spoke we dont want mutiple tunnel of each and every site. Request will come from the peer site with dynamic IP's is this configuration is pos...

jhussain1_0-1706876545946.png

Azure PA HA DNS

Hello community 🙂I'm running an v9.1.x Active\Passive cluster on Azure and we had several problems with the "quick" failover.Because I need the firewall(s) to perform DNS resolution on internal fqdn objects I had them configured with private DNS servers running on Azure VMs. While digging in to the failover issue I observed that the new active ...

  • 704 Posts
  • 107 Subscriptions
Latest Comments
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks