17:18 Just a heads up for anyone following: I didn't have an Internet Gateway as an option. I had to go to Services > Network Content and Delivery > VPC >Internet Gateway and create one. Then attach it to the VPC Great stuff!
@aussietaipan87003 жыл бұрын
Thanks mate. We are soon to deploy PA and move to PA in AWS. This vid will make me look like an expert.
@felixmoshami17 Жыл бұрын
quality content i would request you come up with palo alto firewall configuration as a course
@rileylabski3 жыл бұрын
Very good video to get someone oriented/deploying in AWS. Top notch work!
@SecurityPanda11 ай бұрын
Very well explained !! Appreciate your efforts !!!
@thilagarajuma2 жыл бұрын
Thank-you for detail session
@ahmedfarhanable Жыл бұрын
Great video, next video could be how to connect the ec2 in private subnet to the internet. I have ec2 now in private subnet but it seems we need to enable NAT to allow ec2 to access internet. If we have full video that would be great end to end. Enable url filtering block ips etc
@joelmck4 жыл бұрын
Thank you for this. Very well demonstrated.
@tyrondeonarine13482 жыл бұрын
I needed this. Thank you.
@ajayaj64833 жыл бұрын
Beautifully put together. Thanks
@thecybermyth39752 жыл бұрын
You have been sighted on the radar!!
@faketestgmail72633 жыл бұрын
You're the best mate
@anuragk41864 жыл бұрын
Thanks for the video. Looking forward to see more videos.
@MrElsocio3 жыл бұрын
Thank you. Amazing video, it helped me!
@shamax22018 ай бұрын
Thank you very much !!
@thrtnastrx2 жыл бұрын
Great video, thank you!
@hakimkipli4 жыл бұрын
Thanks for the video. Helps a lot
@sanjooroks3 жыл бұрын
Amazing video
@JavedShaik4 жыл бұрын
Nice one helped me a lot
@AbhishekSingh-zd4gm2 жыл бұрын
Thanks for the tutorial. i am unable to pat the traffic for a test pc i created, which is on the inside of the firewall, since the wan port information is not visible on the firewall. any idea how can i achieve it??
@nikeshjha88774 жыл бұрын
Thanks a lot
@sathish7774 жыл бұрын
thanks much
@adeadedeji24584 жыл бұрын
This is great. Got a question please. If I deploy another palo alto vm, how would I configure the palo alto panorama to give me an overview of all the firewalls? Thanks
@ElastiCourse4 жыл бұрын
Hi Ade, I will have a detailed video on Panorama central management soon, stay tuned.
@jonathanlynn63973 жыл бұрын
Just to clarify - Why are the links in the description about Fortigate? I was expecting links to the Palo Alto Courses.
@ElastiCourse3 жыл бұрын
Palo Alto courses are yet to be released. Existing courses are only on Fortigate, Fortimanager and AWS.
@jonathanlynn63973 жыл бұрын
@@ElastiCourse muchly appreciated!
@khoi22803 жыл бұрын
Hi, I just deployed a palo on AWS but seem to be having problems with the management interface not having an internet connection. i have associated the management subnet to the outside route table but still no luck. pls help
@ElastiCourse3 жыл бұрын
Make sure the management IP has got a public IP (Elastic IP), and security group allows ports 22 for SSH and 443 for Web Management. Then SSH first to the Palo Alto management Public IP using the private key you downloaded during instance creation.
@chuckjamm3 жыл бұрын
Thanks for sharing this video. For me, I now have questions - for this setup is much different that a setup in VMWare or having a physical firewall. I see that you are using a private IP space for your Public IP scheme. Is there some internal NAT that is done by the VPC gateway in order to use the firewall as a VPN server?
@ElastiCourse3 жыл бұрын
Jesse, AWS uses Public IPs on the edge only, meaning they do the NAT on their own using whichever elastic IP was generated/assigned to public interface. It may seem confusing if you are new to cloud networks, but this is done outside the VM therefore you don't see public IP directly on the firewall, by the time the VPN packet hit the internet it will look like this: Source IP: Elastic IP provided by AWS Destination IP: Remote VPN partner server When other side respond to VPN negotiation it looks like this\ Source IP: Remote VPN partner server Destination IP: Elastic IP provided by AWS AWS then takes the packet, does reverse NAT from Elastic IP to real private IP of public interface of the firewall VM.
@chuckjamm3 жыл бұрын
@@ElastiCourse Thanks for the explanation!
@rajeshrawat866 Жыл бұрын
Can we integrate one plao Alto VM with multiple VPC in aws
@ElastiCourse Жыл бұрын
I don't believe it's possible unless you peer the other vpc to the palo alto vpc and configure the route table accordingly
@quyleanh19003 жыл бұрын
now i can implement the policy from port e1/2 (source) to port e1/1 (destination same wan) to let the private ip out to the internet, right?
@ElastiCourse3 жыл бұрын
Yes you need a policy from Private interface and network to WAN network with NAT enabled to get access to Internet from your private network, you can tune in the policy by order to allow and deny specific traffic patterns or ports based on your needs.
@letrange1 Жыл бұрын
@@ElastiCourse Amazing video. Thanks! One related question to the previous one. NAT is enabled in the VM Series or using the NAT gateway available in AWS? Sorry if the answer is really obvious, but I´d appreciate if you can confirm that.
@ElastiCourse Жыл бұрын
@@letrange1 I used NAT in the firewall, not the NAT gateway.
@hussainqureshi21533 жыл бұрын
My interfaces are red even after Commit although i followed the steps properly i am talking about ethernet1/1 & ethernet 2/2 i restarted the instance again & again but same. what could be the possible reason ?
@dhananjay39743 жыл бұрын
Hi Hussain, Does it resolved ? I am also facing same issue
@ElastiCourse3 жыл бұрын
I recall something similar happened as I was making the video. Did you check interface config and see interface enabled and set to DHCP addressing mode?
@joelryan22223 жыл бұрын
Does anyone know how to remove the vm series firewall free tier from aws marketplace? The version I subscribed to returns an error that said the instance is deactivated or I do not have permissions.
@ElastiCourse3 жыл бұрын
What I would do is try to launch an EC2 instance and search for FortiGate on the marketplace, select the image, and if you are not unsubscribed to it, it will automatically subscribe for you.
@craigluke23573 жыл бұрын
Do you do Palo Alto training?
@ElastiCourse3 жыл бұрын
I have more Palo Alto training videos and courses coming soon.