11/30/2021

Gns3 Palo Alto

Created On 07/01/20 22:46 PM - Last Modified 09/16/20 14:53 PM

Palo Alto Virtual Firewall Guide

The GNS3 Setup wizard displays. Click Next to start the installation. GNS3 is free open source software distributed under the GNU General Public License Version 3. Read the license agreement, and if you agree with the contents, click the I Agree button to continue the installation. Palo Alto Image VM for Gns3. Posted by 4 years ago. Palo Alto Image VM for Gns3. Hi Guys, Anyone here has a copy of pa-vm-esx-6.1.0.ova or idea.


Symptom
  • Newly deployed PA-VM on KVM (RedHat kernel version 7.6 patch 325) is stuck in a boot loop and ends up in maint mode
  • Even while accessing maint mode the VM reboots and get stuck at 'swap_dup: Bad swap file entry xxxxx' error with no means of recovery
  • Issue is only seen on RedHat kernel version 7.6 with VirtIO
  • Snippet of error on console:
PA-HDF login:
swap_dup: Bad swap file entry 40000001ae1b00
swap_dup: Bad swap file entry 40000001ae1b01
swap_dup: Bad swap file entry 40000001ae1b02
swap_dup: Bad swap file entry 40000001ae1b03

Environment
  • Model: PA-VM
  • PAN-OS: 9.0.4
  • Platform: KVM
  • Distro: RHEL
  • Kernel version: 7.6

Cause
  • Only SR-IOV is supported on RHEL 7.6 with PAN-OS 9.0.4
Gns3 Palo Alto

How To Configure The Captive Portal In Palo Alto Firewall

Resolution

Access Palo Alto GUI In GNS3

  • PAN-OS kernel is updated in xfr and 9.1 releases and Virtio/SR-IOV is supported with RHEL 7.6 with PAN-OS 9.0.3.xfr or 9.1.0 and later
  • VM-Series Firewall Hypervisor Support > Section: VM-Series for KVM / RHEL: 7.6

AltoAttachmentsGns3 Palo Alto
EVE Image NameDownloaded FilenameVersionvCPUsvRAMConsole
1.paloalto-7.0.1PA-VM-ESX-7.0.1.ova7.0.124096Telnet
2.paloalto-8.0.1PA-VM-KVM-8.0.1.qcow28.0.124096Telnet
Instructions
Other versions should also be supported following bellow’s procedure.

1 Method, converting from OVA VMDK disk.

1.1. Create temporary working directory and upload the downloaded image to the EVE using for example FileZilla or WinSCP. Then login as root using SSH protocol and uncompress it:

1.2. Then convert the disk to the qcow2 format:

1.3. Create the folder for HDD image and move it:

1.4. Delete temporary directory abc and fix permissions:

Default username is admin with password admin.

2 Method, deploying KVM .qcow2 image

2.1. Using our image table, create correct image folder, this example is for image 2. in the table above. It is paloalto 8.0.1 image. Per our image naming table we have to create image folder starting with paloalto-, lets do it.

2.2. Upload the downloaded image to the EVE /opt/unetlab/addons/qemu/paloalto-8.0.1/ folder using for example FileZilla or WinSCP.
2.3. From the EVE cli, go to newly created image folder.

2.4. Rename original filename to virtioa.qcow2

2.5. Fix permissions:

Default username is admin with password admin.