Specifications

ManualsBrandsCDA ManualsDomestic Appliancesvm200

VM-Series Deployment Guide 17

Set Up a VM-Series Firewall on an ESXi Server Install a VM-Series firewall on VMware vSphere Hypervisor (ESXi)

Configure the Management Interface

Step 1 Gather the required information from

your network administrator.

• IP address for MGT port

• Netmask

• Default gateway

• DNS server IP address

Step 2 Access the console of the VM-Series

firewall.

1. Select the

Console tab on the ESXi server for the VM-Series

firewall, or right click the VM-Series firewall and select

Open

Console

2. Press enter to access the login screen.

3. Enter the default username/password (admin/admin) to log in.

4. Enter

configure to switch to configuration mode.

Step 3 Configure the network access settings for

the management interface.

Enter the following command:

set deviceconfig system ip-address <Firewall-IP>

netmask <netmask> default-gateway <gateway-IP>

dns-setting servers primary <DNS-IP>

where <Firewall-IP> is the IP address you want to assign to the

management interface,

<netmask> is the subnet mask,

<gateway-IP> is the IP address of the network gateway, and

<DNS-IP> is the IP address of the DNS server.

Step 4 Commit your changes and exit the

configuration mode.

Enter

commit.

Enter exit.

Step 5 Verify network access to external services

required for firewall management, such as

the Palo Alto Networks Update Server.

To verify that the firewall has external network access, use the ping

utility. Verify connectivity to the default gateway, DNS server, and

the Palo Alto Networks Update Server as shown in the following

example:

admin@VM_200-Corp> ping host updates.paloaltonetworks.com

PING updates.paloaltonetworks.com (67.192.236.252) 56(84)

bytes of data.

64 bytes from 67.192.236.252: icmp_seq=1 ttl=243 time=40.5 ms

64 bytes from 67.192.236.252: icmp_seq=1 ttl=243 time=53.6 ms

64 bytes from 67.192.236.252: icmp_seq=1 ttl=243 time=79.5 ms

Note After verifying connectivity, press Ctrl+C to stop the pings.

An unlicensed VM-Series firewall can process up to 200 concurrent sessions. Depending on the

environment, the session limit can be reached very quickly. Therefore, apply the capacity

auth-code and retrieve a license before you begin testing the VM-Series firewall; otherwise, you

might have unpredictable results, if there is other traffic on the port group(s).