Deploy the VM-Series Firewall Using
IBM Cloud Schematics
To deploy the VM-Series firewall using the
IBM catalog template, you must first create a VPC network for each
interface on the firewall. For instructions on creating a VPC network,
see Getting Started with VPC network.
You
can deploy the VM-Series Next-Generation Firewall (BYOL) through
IBM cloud Schematics. The IBM cloud terraform template deploys an
instance of the VM-Series firewall with a minimum of one management
interface and two dataplane interfaces. You can add additional dataplane
interfaces for up to five IBM cloud instances in your virtual private
cloud (VPC).
Before you deploy the VM-Series firewall, you
must create or choose a project in your organization and create
any networks and subnets that will connect to the firewall. You
cannot attach multiple network interfaces to the same VPC network.
Every interface you create must have a dedicated network with at
least one subnet. Ensure that your networks include any additional
dataplane instances you create.
All VM-Series firewall
interfaces must be assigned an IPv4 address when deployed in a public
cloud environment. IPv6 addresses are not supported.
- Locate the VM-Series firewall listing in IBM Cloud Catalog.
- Log in to IBM Cloud.
- ClickCatalog.
- Search forPalo Alto Networks VM-Series Firewall - BYOLin the IBM Cloud catalog search box.
- Click thePalo Alto Networks VM-Series Firewall - BYOLtile.
- Configure your workspace.
- Enter the Deployment Name (this name is displayed in the Deployment Manager). The name must be unique and cannot conflict with any other deployment in the project.
- Select a Resource group. For instructions to create a resource group, see Creating a Resource Group.
- Enter relevant Tags. Tags help you in identifying your deployment.
- Specify the values for following parameters:ParameterDescriptionSample Valueimage_nameVM-Series image to be installed.pa-vm-kvm-9-1-3-1 or pa-vm-kvm-10-0-6regionVPC region that you want your VPC virtual servers to be provisioned.us-eastssh_key_nameThe name of your public SSH key to be used for VSI. For information on creating an SSH key, see Public SSH Key.vm-series-ssh-keysubnet_id1The ID of the subnet (management) which will be associated with the first interface of the VNF instance. Click the subnet details in the VPC Subnet Listing to determine this value.0717-xxxxxx-xxxx-xxxxx-8fae-xxxxxsubnet_id2The ID of the subnet (data-plane) which will be associated with the second interface of the VNF instance. Click the subnet details in the VPC Subnet Listing to determine this value.0717-xxxxxx-xxxx-xxxxx-8fae-xxxxxvnf_instance_nameName of the VNF instance to be provisioned (lower-case).vm-series-fw-vsivnf_profileThe profile of compute CPU and memory resources to be used when provisioning the vnf instance. For more information, see Instance Profiles.bx2-8x32vnf_security_groupThe name of the security group to which the VNF Instance's first interface(management) belongs to.vm-series-mgmt-sg
- Installing the terraform template.
- ClickInstall.
- Navigate toand choose your workspace to view and edit details related to your workspace.IBM cloudSchematicsWorkspaces
- Accessing the management interface of the VM Series Firewall.
- Navigate toand copy the Floating IP of your VPC instance on which you have deployed the VM Series Firewall.IBM cloudVPC InfrastructureFloating IPs
- Open a browser and enter the IP address in the URL region of the browser prefixing it with https(for example, https://161.xxx.173.xxx). The VM Series Firewall management interface login screen appears. If you are using a VPN connection, you may have to terminate the connection before connecting to the VM-Series console (URL).
- Login to the interface using the following credentials:Username: adminPassword: adminYou will be prompted to change your password on your first login. You will be able to access the interface only after logging in with the changed password.
Recommended For You
Recommended Videos
Recommended videos not found.