When adding public ips to vm firewall, I want to know the maximum number of ips that can be added.

cancel
Showing results for 
Search instead for 
Did you mean: 

When adding public ips to vm firewall, I want to know the maximum number of ips that can be added.

L1 Bithead

hello
There was a request from a customer to use the PaloAlto VM firewall.
In response to the customer's request, the contents of the link below have been delivered to the customer.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLlVCAW

After checking the contents of the above link, the customer has asked us additional questions.

1. At the bottom of the link above, the following mention is made. "You will also need to configure the same on the firewall interface in order to start receiving traffic for the new Elastic IP Address."

Does this mean that the customer needs to configure the PaloAlto VM firewall in use? I've been looking for a tech article on how to do that configuration, but I haven't been able to find it yet. I would really appreciate it if you could help me find it.

2. The VM firewall that customers are using currently has a total of five interfaces: eth1/3, 1/4, 1/5, 1/6, and 1/7. Considering the contents of the link above, the customer wants to know if it is possible to add up to 5 public IPs by adding one public IP to each interface.

3. Currently, the customer is using two vm firewalls and has a redundant configuration. Are there any precautions when working on the link above?

please answer about my question.
thank you.

4 REPLIES 4

L0 Member

Hello everybody,I see that You will also need to configure the same on the firewall interface in order to start receiving traffic for the new Elastic IP Address.

hello
Thanks for the comment.

I see what you said "I see that You will also need to configure the same on the firewall interface in order to start receiving traffic for the new Elastic IP Address." are looking for a way to Where can I find the relevant documentation? I also searched KB, Techdocs, but couldn't find anything related to it.

If that's ok, can you give me the address of a document with relevant content or how to set up the interface?

L2 Linker

What is the customer trying to do or what is the use case for having multiple Public IP Addresses?  Do you have a diagram?  I'd suggest taking a look at the Palo Alto Networks AWS Reference Architecture guide as well as the deployment guides.

Scott Thornton

Cyber Elite
Cyber Elite

Hi @MinSeob-KWON 

What the KB wants to say is the AWS (and Azure in this matter of fact) will assign only the first IP address over DHCP. If you assign multiple IP addresses to the interfaces in AWS console you must login to FW and configure all of these IPs as static entries - because DHCP will assign only the first one and FW will not be able to use the rest.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!