Perform Initial Configuration on the VM-Series on ESXi
Use the virtual appliance console on the ESXi server to set up network access to the VM-Series firewall. By default, the VM-Series firewall uses DHCP to obtain an IP address for the management interface, but, you can also assign a static IP address. After completing the initial configuration, access the web interface to complete further configuration tasks. If you have Panorama for central management, refer to the Panorama Administrator’s Guide for information on managing the device using Panorama.
If you are using bootstrapping to perform the configuration of your VM-Series firewall on ESXi, refer to Bootstrap the VM-Series Firewall on ESXi.
For general information about bootstrapping, see Bootstrap the VM-Series Firewall.
- Gather the required information from your network administrator.
- IP address for MGT port
- Default gateway
- DNS server IP address
- Access the console of the VM-Series firewall.
- Select theConsoletab on the ESXi server for the VM-Series firewall, or right click the VM-Series firewall and selectOpen Console.
- Press Enter to access the login screen.
- Enter the default username/password (admin/admin) to log in.
- Enterconfigureto switch to configuration mode.
- Configure the network access settings for the management interface.Enter the following commands:set deviceconfig system type staticset deviceconfig system ip-address<Firewall-IP>netmask<netmask>default-gateway<gateway-IP>dns-setting servers primary<DNS-IP>
- Commit your changes and exit the configuration mode.Entercommit.Enterexit.
- Verify network access to external services required for firewall management, such as the Palo Alto Networks Update Server.
- Use the ping utility to verify network connectivity to the Palo Alto Networks Update server as shown in the following example. Verify that DNS resolution occurs and the response includes the IP address for the Update server (the Update server does not respond to ping requests.) After verifying DNS resolution, press Ctrl+C to stop the ping request.admin@PA-220 >ping host updates.paloaltonetworks.comPING updates.paloaltonetworks.com (10.101.16.13) 56(84) bytes of data. From 192.168.1.1 icmp_seq=1 Destination Host Unreachable From 192.168.1.1 icmp_seq=2 Destination Host Unreachable From 192.168.1.1 icmp_seq=3 Destination Host Unreachable From 192.168.1.1 icmp_seq=4 Destination Host Unreachable
- Use the following CLI command to retrieve information on the support entitlement for the firewall from the Palo Alto Networks update server: request support check If you have connectivity, the update server responds with the support status for your firewall.
- Apply the capacity auth code and retrieve a license before you begin testing the VM-Series firewall.An unlicensed VM-Series firewall can process up to approximately 1230 concurrent sessions. Depending on the environment, the session limit can be reached very quickly, causing unpredictable results.
Perform Initial Configuration on the VM-Series Firewall
Perform Initial Configuration on the VM-Series Firewall Use these instructions to perform the initial configuration of your VM-Series firewall. By default, the VM-Series firewall uses ...
Perform Initial Configuration of the VM-Series Firewall on ...
Perform Initial Configuration of the VM-Series Firewall on KVM Use the virtual appliance console on the KVM server to set up network access to the ...
Bootstrap the VM-Series Firewall
Bootstrap the VM-Series Firewall Bootstrapping allows you to create a repeatable and streamlined process of deploying new VM-Series firewalls on your network because it allows ...
Use Case: Secure the EC2 Instances in the AWS Cloud
Use Case: Secure the EC2 Instances in the AWS Cloud In this example, the VPC is deployed in the 10.0.0.0/16 network with two /24 subnets: ...
Bootstrap the VM-Series Firewall on ESXi
Bootstrap the VM-Series Firewall on ESXi You can bootstrap the VM-Series firewall using an ISO image or a virtual hard disk. Bootstrap the VM-Series Firewall ...
Install a VM-Series firewall on VMware vSphere Hypervisor (...
Install a VM-Series firewall on VMware vSphere Hypervisor (ESXi) To install a VM-Series firewall you must have access to the Open Virtualization Alliance format (OVA) ...
How Do the Components in the VM-Series Firewall for NSX-V Solution Work Together?
How Do the Components in the VM-Series Firewall for NSX-V Solution Work Together? To meet the security challenges in the software-defined data center, the NSX-V ...
Known Issues Specific to PAN-OS 9.0.1
Review the known issues specific to the PAN-OS 9.0.1 release. ...
Components of the VM-Series Firewall on NSX-T
Components of the VM-Series Firewall on NSX-T The following tables show the components of this joint Palo Alto Networks and VMware NSX-T solution. VMware Components ...