Specifications
VM-Series Deployment Guide 61
Set Up a VM-Series NSX Edition Firewall Deploy the VM-Series NSX Edition Firewall
Define an IP Address Pool
The IP pool is a range of (static) IP addresses that are reserved for establishing management access to the
VM-Series firewalls. When the NSX Manager deploys a new VM-Series firewall, the first available IP address
from this range is assigned to the management interface of the firewall.
Specify the Port Groups from Which to Redirect Traffic
So that the NSX Manager can redirect traffic to the VM-Series firewall, you must select the port groups or
logical networks for which the VM-Series firewall must secure traffic.
Step 2 Select the IP protocols to allow.
1. Select
Networking and Security > Firewall > Ethernet.
2.
Add a rule that allows ARP, IPv4 and IPv6 traffic.
3.
Add a rule that blocks everything else.
Define an IP Pool
To add or verify that the IP pool is defined:
1. In the
Networking & Security Inventory, select the NSX Manager, and double click to open the configuration details
of the NSX Manager.
2. Select
Manage > Grouping Objects > IP Pools.
3. Click
Add IP Pool and specify the network access details requested in the screen including the range of static IP
addresses that you want to use for the Palo Alto Networks NGFW.
Enable SpoofGuard and Block Non-IP L2 Traffic