An introduction to Palo Alto design in Azure Cloud. We have discussed the Transit VNet Model (Hub & Spoke Topology), the Common Firewall model and the Single VM-Series firewall.
I am searching for Palo Alto firewall content on YouTube, but this is the best video I have watched. Many thanks, sir, for providing this amazing concept on NVA.
Hands down the best explanation for PA NVA Firewall Design in Azure.
You explained the difficult concept in a deadly easy manner. Fabulous, great job.
thank you
Very well drawn diagrams; I appreciate the time spent on how neat they are.
Very well explained. Thank you so much
thanks for appreciation
A very thorough explanation, thank you for your work!
Glad you enjoyed it!
Great explanation. You should have more videos about the other design model in the guide.
Nicely explained, but the problem is the audio issue. Please fix that, because without proper video/audio even good content cannot be appreciated. Thank you.
Well explained. In the common firewall design with LB, when the traffic is flowing from VM1 to VM2 through the firewall, what would be the source IP address in the firewall logs? Will it be the LB IP or the actual VM1 IP?
Very well explained thank you it helped me in my new project
thank you for your kind words
You made it clear to me, sir. You are the best.
Thank you
Awesome... I feel very confident now setting this up :) Thank you, sir.
welcome
How many VR per firewall? With back and frontend LB how do you do availability check of FW from LB?
Very well explained.. Good work
Great explanation
I am just confused about how this is configured in terms of availability sets. Are you able to explain?
Nice one
Do you provide online training for Azure? If yes, please let me know; we are a group!
Well explained! thanks much. Please bring more topics.
Fantastic explanation, thank you!
thank you Jack
Very well explained Thanks !
How about the outbound internet traffic? Can we route outbound internet traffic from multiple firewalls using outbound load balancers? That way it will always have same outbound public ip address.
superb explanation sir
Thanks for appreciation
How many VR per firewall? With back and frontend LB how do you do the check of FW from LB?
Very well explained. Thanks a ton Sir 🙏
thank you
Hi sir, can you please share the lab setup, or can you set this up in a lab and show us how we can achieve this?
It is available in the Palo Alto documentation.
@ee07168 Can you share the link? And for a lab on Azure, which license do I need to get?
Thanks for the information and explanation
Welcome
Network Expert - Do you guys provide training to deploy virtual firewalls on AWS and Azure cloud?
Please let me know.
I can provide you a training for +974-33703804
Hello, I have a question related to this.
Let's say we have 2 NVAs (Palo Alto VM-300) in HA (active/passive)
and I have 2 VMs as web servers.
Questions:
- I want to route both inbound and outbound (internet) traffic of the web servers via the NVA. How should I do it?
Should I have an internal Azure LB, add the web servers as backend members to the LB, create a VIP and point it towards the trust interface of the NVA (Palo Alto)? And for the VMs, have a UDR and a default route towards the LB?
What will happen if a failover happens at the NVA (Palo Alto)? How will the traffic switch happen in this case?
Palo Alto does not support unicast HA in Azure; you need to deploy Palo Alto, which has an API script for failover.
@ee07168 I am deploying a Palo Alto VM-300 series vNVA on Azure from the marketplace,
and it does have native support for failover of the FW etc., using the native API.
Very informative
nice one! thanks!
Masha Allah
It will be asymmetric traffic.
The session will not establish since SYN, SYN-ACK, ACK will not be formed. Firewall 1 would expect the return traffic, but the return traffic is coming in on FW 3. So the session will not be formed. It won't work.
Dear Singh, first of all, I really appreciate your feedback. Firewall 1 will do the SNAT, therefore the return traffic will come from firewall 1. I hope I have cleared up your confusion; in case it is still not clear, please do let me know and I will explain further.
Hi, do you provide consultancy services? If yes, how do we reach out to you?
engr_sajid_khan@yahoo.com