5/17/2023 0 Comments Pan firewallThe bootstrap file is not something I've incorporated into this template, but the template could easily be modified to do so. It is possible to create a base-line configuration file that joins Panorama post-deployment to bootstrap the nodes upon deployment of the ARM template. Below, we will cover setting up a node manually to get it working. Note: this article doesn't cover the concept of using Panorama, but that would centrally manage each of the scale-out instances in a "single pane of glass". In this case, I've written a custom ARM template that leverages managed disks, availability sets, consistent naming nomenclature, proper VM sizing, and most importantly, let you define how many virtual instances you'd like to deploy for scaling. In addition, I noticed a really strange error that if you specify a password greater than 31 characters, the Palo Alto devices flat out won't deploy on Azure. Personally, I'm not a big fan of deploying the appliance this way as I don't have as much control over naming conventions, don't have the ability to deploy more than one appliance for scale, cannot specify my availability set, cannot leverage managed disks, etc. In deploying the Virtual Palo Altos, the documentation recommends to create them via the Azure Marketplace (which can be found here: ). If you are looking for a single instance, you can still follow along. This can help ensure a single instance doesn't get overwhelmed with the amount of bandwidth you are trying to push through it. ![]() ![]() Please note, this tutorial also assumes you are looking to deploy a scale-out architecture. The steps outlined should work for both the 8.0 and 8.1 versions of the Palo Alto VM-Series appliance. At a high level, you will need to deploy the device on Azure and then configure the internal "guts" of the Palo Alto to allow it to route traffic properly on your Virtual Network (VNet) in Azure. ![]() ![]() This is more of a reflection of the steps I took rather than a guide, but you can use the information below as you see fit. Here is a recap of some of the reflections I have with deploying Palo Alto's VM-Series Virtual Appliance on Azure.
0 Comments
Leave a Reply. |