Welcome to the VM-Series in the Public Cloud discussion forum! This community exists as a resource for you to discuss VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud and Alibaba. We encourage you to engage in this rapidly growing community to share ideas, pose questions, and propose real-world solutions to any challenges that may arise.
Disclaimer:
This forum is provided for Live Community members to discuss and share information pertaining to the VM-Series deployments on AWS, Microsoft Azure, Google Cloud Platform Oracle Cloud and Alibaba. Please use the information from this forum at your own risk and make sure to test and verify proposed solutions presented here. For information on contacting Palo Alto Networks support, click here.
Hello,
Question about GWLB and sub-interface mapping. If I have 2 VPCs (VPC-Shared and VPC-Production) and I associate VPC-Shared with a GWLB Endpoint to sub-interface e1/1.100 on a zone also named VPC-Shared and VPC-Production with an endpoint to e
...
Anyone already succeeded in getting IPv6 addresses working on our FW in Azure or AWS?
Trying to get the mgmt-interface use an IPv6 address in order to connect to IPv6 Panorama.
If required this can also be done via DP interface and service routing.
Tr
...
We deployed a Palo Alto VM-300 in an existing Azure tenancy. During the process to move public IP Addresses from the Virtual Machine to the Palo Alto Untrusted Interface we ran into the following error.
"Network interface associated with virtual m
...
hello
There was a request from a customer to use the PaloAlto VM firewall.
In response to the customer's request, the contents of the link below have been delivered to the customer.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000
We are trying to implement a zero trust environment inside our AWS cloud. We are using a transit gateway deployment, and have all traffic going through a secuirty vpc which houses a pair of PA-VM's. These firewalls are reached by the other VPC's thro
...
Hi All, I am trying to setup a site-to-to site VPN between Palo (v9.0.1) and Azure VPN gateway.
I have a question and an issue that I am trying to resolve...
NAT-T should be enabled in the gateway settings since AWS NATs everything?
This is the error
...
https://github.com/PaloAltoNetworks/ReferenceArchitectures/tree/master/Azure-1FW-3-interfaces-existing-environment-BS
This is broken as of about 2 weeks ago from this post.
New, undocumented field called "Custom Data" - need to state what needs to be
...
We've deployed VM-Series into AWS INSPECTION VPC implementing the documented approach around use of a Gateway Load Balancer (GWLB) as an Endpoint Service then Endpoints in APPLICATION VPC so that inspection can be achieved when North/South traffic en
...
Hi all, try to figure out what will happen to my Vm-series FW in Oracle Cloud if I lower my vCpu count. Will the firewall know that the cores changed and adjust or will just crash? I'm using OCPUs and it doubles the vCPU when enabled. Thanks
Hi folks,
We got a customer who needs to authenticate firewall admins (PA management) against Azure SAML.
Azure only allows you to specify a unique SSO URL being the type https://<Customer Firewall FQDN>:443/SAML20/SP
Problem is, this is a standard Ac
...
VM-Series firewall can deploy with Flexible vCPUs model.
Is it any reference to determine the throughput with different number of CPU such as "throughput versus CPU" table?
As I know when the throughput needs change, I can simply allocate additional
...
On a PA-VM (VM500, SW ver- 10.0.8-h8.) in Amazon cloud EC2 instance, i am struggling to create a new interface and bring it up, tried below steps already-
1. Created an ENI and attached to the respective EC2 instance.
2. Source/Destination check disabl
Hey all,
I need to upgrade a PA-VM 300 (m5.xlarge) series running on AWS Plataform from 9.1.6 to 10.1.5-h1.
Upgrade path will be the following : 9.1.6 => 9.1.14 => 10.0.0 => 10.0.10 => 10.1.5-h1
As this is a Stand-Alone FW, I will need to have
...
I have a pair of VM300 gateways running 9.1.13 in Azure. I'm using a 'load balancer sandwich' approach to provide active active HA.
The public load balancer in front of the firewalls does a good job of delivering inbound traffic. However, routing to
...
Hi,
I have the experience how to upgrade PAN os with ON-PRIMES .But I don't know how different on AWS and what is impact.I would like to upgrade my PA on AWS.
my pan-os is 8.1.So It is very old . I would like to upgrade latest version. So let me know w
...
reaper
on:
Core content from the show running resource-monitor command on a VM series firewall
reaper
on:
Hub and Spoke VPN
| Subject | Likes |
|---|---|
| 1 Like | |
| 1 Like |
