Installation Prerequisites
Expand all | Collapse all
Installation Prerequisites
Learn about deploying the on-premises controller and the installation
prerequisites.
General Information
- Supports fully air-gapped installation process, no internet access required
during installation.
- A backup location to store periodic config backups at
/mnt_ebs/backup_config.
- One management IP for the multi-node controller virtual machine (VM)
installation.
- Firewall TCP ports: the following ports need to be opened to allow inbound
communication from users and ION devices to the controller:
- Admin host to <controller-ip>: TCP 443/9443 for browser access,
TCP/22 for SSH.
- ION device to <controller-ip>: TCP/443.
- Current API rate limit/concurrent calls limited to 20.
Installation Prerequisites
Learn about the installation prerequisites to install the On-Premises Controller for
Prisma SD-WAN.
- Configure VM as per the deployment size, refer the minimum hardware requirements.
- Download the qcow2 installer. Note
that qcow2 is based on Ubuntu 20.04.5. (Contact Palo Alto Support or Palo Alto
Partner for support, if needed).
- Reserve one static IP address for the deployed controller connectivity.
- Password-less sudo access. Requires Ubuntu user access and the Ubuntu user must
be on the sudo users' list. Refer to the Installation Workflow
- KVM or ESXi Hypervisor running on qcow2 host OS
- Network Services: Host Server OS qcow2 provided by Palo Alto Networks, NTP
Server running standard NTP service, and DNS (optional) Private DNS server is
preferred.
- Do not modify the OS and software packages.
It's recommended to disable the internet connection when
installing the VM and the OS. Download the OS image from the
download link shared by Palo Alto
Networks.
