PaloAlto UNL Basic config

20160809 22.09.jpg

NOTE:
-make sure all nics in UNL vm using vmxnet3 and not e1000
-I feel PA6.1 is more stable than PA7.0.1
-I don’t have URL Filtering license, so I can’t test blocking website

-set PA mgmt nic ip to 192.168.1.1
> configure
# set deviceconfig system ip-address 192.168.1.1 netmask 255.255.255.0
# commit

PC1:
MGMT NIC
   ip 192.168.1.10/24
LAN NIC
   ip 10.0.0.10/24
   gw 10.0.0.1
-open PC1 browser and go to https://192.168.1.1
L: admin
P: admin

set Device/Management section
Image.png

-set Service Route Configuration
Image.png

-set Network/Network Profiles/Interface Mgmt
Image.png

-set Network/Zones
Image.png

-set Network/Interfaces
Image.png

-set Network/DHCP

Image.png

-set Objects/Addresses

Image.png

-set Policies/Security

Image.png

-set Policies/NAT

14cf68d6570787bcc52ed77bbd863a68

-click Commit
-click Save
Now you can test whether you can surfing from PC1
Advertisements

2 thoughts on “PaloAlto UNL Basic config

  1. Hi

    Running Palo Alto 7.1.0 VM-100 in UNL (Unified Networking Lab-1.0.0-8.ova) and qemu version is 2.4.0. It is really not working at all with vmxnet3 – all interface counters at 0 and not even the management interface not communicating. It works with e1000, there is communication, both on mgmt interface and the ethernet1/ interfaces – but there is an error “Cannor read e1000 PHY register”. The same vm-100 image works fine in ESXi 5.5 with vmxnet3 NICs. Should I presume the vmxnet3 emulation in qemu is faulty? Or there is a trick – e.g. updating qemu?.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s