Prerequisites for VM-Series
  • PDF

Prerequisites for VM-Series

  • PDF

If using a VM-series Palo Alto Networks Firewall, compared to a physical appliance such as a PA-series, please ensure the following additional requirements are met.

  • VM-300 or above models are required (VM-300, VM-500, VM-700 etc).
  • SSL Forward Proxy decryption is enabled.
  • Resources such as Subnets, and Route Tables should be created.

Note: please ensure Glasswall CDR Platform is installed and ready to be integrated before you begin these steps. Please refer to our Deployment page for more information if you haven't already done so.

Create VPC/VNET

  • Create a VPC/VNET with at least /20 range
  • Create at least 1 public subnet in an availability zone
  • Create at least 5 private subnets in the same availability zone and name them as below
    • Inside
    • Security Out
    • Security In
    • ICAP
    • Users
  • Subnets in different zone cannot be used to attach interfaces to the same instance
  • All private subnets should have a route tables which routes the traffic to firewall inside interface



Next: