PA VM - Active/Passive on Azure availability set

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

PA VM - Active/Passive on Azure availability set

L0 Member

I have few firewalls in active/Passive HA and few more to built. I'm not using Loadbalancer / App gateway to load blance traffic between firewalls. 

Can I use availability set and place the HA members on respective fault and update domain.

   ex FW1 Update domain :0 Fault domain: 0

        FW2 Update domain :1 Fault domain: 1

Couldn't find any document for this.

Does this scenario support high availability?

 

1 REPLY 1

L2 Linker

In an active Passive scenario you do not need a Load Balancer.

For the Active/Standby Scenario this is what I did

 

1. Deploy the Azure VM's in a availability set

2. Do the HA app registration with the Azure AD and then make sure this App registration has the Subscription contributor roles assigned to it for the subscription where the Palos are deployed

3. if the palo VM's are going to have Public IP's associated with the NIC then make sure you use the basic SKU for those Public IP's

 

Doing these I got the active/standby situation working for me, however the failover time it takes 6-8 mins in the least.

  • 2220 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!