Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
08-18-2023 12:57 PM
Best option HA Palo Alto AWS - VPN Site to Site - Full fail over no balancing
Hello, how are you doing, I hope you are well.
In your experience, those who are clear about it and those who are not, what is the best way to implement an HA in AWS?
I understand that for full Native HA from Palo Alto, it can be done in two ways according to a Palo Alto article, where the configurations are synchronized by the HA, but there is the limitation of the same availability zone.
Now when it is in different AZ of AWS you cannot use the native HA and you have to rely on a balancer and if you do not want to do the config manually you must have a Panorama.
We have in summary for both:
Case 1: same AZ of aws, Mandatory Balancer and native HA, without the need for Panorama.
Case 2: different AZ from aws, balancer mandatory, not native HA, recommended use of Panorama.
According to your experience, considering that they will be used for Site to Site VPN, therefore it must be Full Fail over mode at the Balancing level, what is the best recommendation to love the HA of Palo Alto on AWS? With which have you had the best results?
Stay tuned
Thank you for your time, collaboration, good vibes
Greetings
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
