Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
MENU
Home
Prisma
Prisma Access
Prisma Access Integration Guide (Panorama Managed)
Onboard Mobile Users and Branch Offices in Mainland China
Connect your Mobile Users in Mainland China to Prisma Access
Configure Alibaba Cloud for Mobile Users in China
Create Linux Instances in the Alibaba Cloud VPCs
Document:
Prisma Access Integration Guide (Panorama Managed)
Create Linux Instances in the Alibaba Cloud VPCs
Download PDF
Last Updated:
Wed May 04 18:19:08 PDT 2022
Previous
Next
Create Linux Instances in the Alibaba Cloud VPCs
After you create the VPCs in Alibaba Cloud, you deploy instances in those VPCs.
Deploy the router instance for Router 2.
In Alibaba Cloud, select
Elastic Compute Service (ECS)
; then, select
Instances
.
Select
Create Instance
.
Select
Custom
, then select the preferred billing method.
Select the same
Region
and
Zone
that you selected for VPC 2.
Select the following parameters:
In the
Interface Type
area, select a
vCPU
of
2 vCPU
and a
Memory
of
4 GiB
.
In the
Image
area, select
Linux
and
16.04 64bit
.
In the
Storage
, leave the
System Disk
size as
Ultra Disk 40 GiB
.
Select
Networking
at the bottom of the page to continue to the
Networking
area.
Select the following parameters:
In the
Network
area, select
VPC
, then select the VPC you created and create a new security group for this instance.
In the
Network Billing Method
area, select
Assign public IP
.
In the
Security Group
area, select
Create Security Group
and create a security group that allows incoming connections on TCP port 22 and UDP ports 500 and 4500.
(
Optional
) If you require more restrictive rules, create them by adding authorization objects.
Select
Next: System Configurations
.
Create a new
Key Pair
or use an existing key pair for SSH access.
Select
Preview
and review the information for the instance to make sure that it is correct; then, select
Create Order
.
A page displays with the new instance.
Test SSH connectivity by opening a CLI session and entering the
ssh -i
key-file
root@
instance-ip
, where
key-file
is the file in which you stored the key and
instance-ip
is the public IP of the instance shown in the previous screenshot as
(Internet)
.
Deploy the VM-series firewall instance for Router 1.
Set up a VM-Series firewall on Alibaba Cloud
.
Create three elastic network interfaces (ENIs) in Alibaba cloud.
Create an ENI for the Mgmt vSwitch with a public IP address.
Create an ENI for the Untrust vSwitch (ethernet1/1 on the firewall) with an elastic IP address.
Create an ENI for the Trust vSwitch (ethernet1/2 on the firewall) without a public IP address.
The following screenshot shows the VM-series network interfaces, with the EIP address you created in a previous step assigned to the Trust interface (
Trust-ENI
), the Untrust interface (
ENI-Untrust
), and the management interface.
Create and configure the VM-series firewall
.
When complete, your configuration should look match the configuration that is shown on the following Alibaba Cloud screens:
Instance details:
Security groups in VPC 1:
Decide which static private IP addresses you want to use for the VM-series instance and make a note of them.
Verify that you can connect to the management interface of the firewall by opening a browser and entering
http://
public-ip-of-primary-interface
, where
public-ip-of-primary-interface
is the public IP address of the primary interface.
Previous
Next
Recommended For You
Recommended Videos
Recommended videos not found.