Palo Alto Firewall
What is Palo Alto Firewall?
A Palo Alto firewall is a network security device developed by Palo Alto Networks. It provides advanced firewall and threat prevention capabilities to protect networks and data from cyber threats. This firewall is known for its next-generation features, including application-level filtering, intrusion detection and prevention, and URL filtering, all designed to enhance security and control over network traffic.
Preparing the Installer
If you don’t have a license or installer beforehand, Palo Alto offers a form to request a 30-day trial
After that, download the installer provided in the email
Then deploy the OVA to ESXi and boot the VM
After a while, we should be able to log in through the console with the credentials admin/admin
If you encounter an error the first time you log in, follow this guide
The Web GUI should also be up
Topology
Here’s the network topology for this deployment
Configuring Management Interface
Right now the management interface is still using a DHCP-obtained IP address; let’s change that.
On Device » Interface, select management
Choose static and fill in the IP
Configuring Interfaces
On Network » Zones, create two Layer 3 zones for Inside and Outside
On Network » Interface Mgmt, create a new configuration that allows us to manage the firewall through the interface
Then on Network » Interfaces, configure the outside network interface on Ethernet1/1
Interface type : Layer 3, Zone : Outside
Give it the internet-facing IP address
Assign the management profile. This is not recommended in production, but for a lab it’s fine
Next configure the inside network interface on Ethernet1/2
Interface type : Layer 3, Zone : Inside
Give it the internal-facing IP address
Assign the management profile
After that, on Network » Virtual Routers, create a new vRouter and add both interfaces
Add a static default route pointing to the internet next-hop IP address
At this point, commit the changes and both interfaces should be accessible