Our Company has opted to deploy Palo Alto Firewall (VM 500 Series) in our Azure environment. One of my requirements is to establish connection between this Palo Alto Firewall and the Express Route Gateway in Azure. I would like to know if anyone here is able to setup this? if so, can you please tell me how to do so?
there is no special configuration needed on the Palo side. You have only to make sure you route traffic correct on the azure side and that the Firewalls has the route configured too.
Check this out https://www.paloaltonetworks.com/resources/guides/azure-transit-vnet-deployment-guide you can compare the configuration for backhaul. it dosen't matter if it is a VNG or Express route
I also have another question.
When we deploy the Palo Alto Firewalls in HA (Active/Standby), how effective is the failover?
I mean if we force a failover or a failover happens because of a failure, Does it take a lot of time for the failover?
it will not chance anything because the problem is not our firewall the problem is on the Azure side and detach and attach process.
so it will be still between 2-5 min.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The LIVEcommunity thanks you for your participation!