Header Ads

Installing Palo Alto Firewall in Virtual Box and used it in GNS3 - Part III

, ,

I have tried in different ways to implement a reliable PA VB with GNS3. But every methods had some issues and no solution found in Google. Seems to be time wasting configuration and troubleshooting for these things. 

Then I focus to install GNS 1.3.11 version. Let’s see how its behavior.

  • Drag and drop a PA-VB into GNS3 and start it.
  • Put show interface management in the PA-VB (mgmt. IP = 192.168.1.1). Then you have to select VB network adapter 1 to VB HO adapter. Configure that adapter in physical machine with IP/DGW as 192.168.1.10/192.168.1.1.
  •  Other adapters as Generic Drivers.
  • Now enable to ping from VB to 192.168.1.10
  • Load the web console now. https://192.168.1.1
  • PA web Ethernet 1/1 (10.10.10.1)             - tally with           - GNS3 PA e1    
  • PA web Ethernet 1/2 (172.16.1.1)             - tally with           - GNS3 PA e2
  • PA web Ethernet 1/3 (201.10.10.1)           - tally with           - GNS3 PA e3
  • For all above interfaces, the PA-VM Settings adapter 2/3/4 for PA interfaces.
  • What about Adapter 1 there. It’s for mgmt... Interface. That is why GNS3 PA e0 stays as a blank.
  • GNS3 e1 -> RT 10.10.10.2 (able to ping from RT to e1 but vice versa not)
  • GNS3 e2 -> RT 172.16.1.2 (able to ping from RT to e2 but vice versa not)
  • GNS3 e3 -> RT 201.10.10.2 (able to ping from RT to e3 but vice versa not)

f

Verification

I have removed the e1 interface in GNS3 PA. Then check the PA at web console. See link state is red now meaning cable is disconnected. (e1 is adapter 2 in PA-VM settings) Adapter 3 is e2 and so on.
Now let’s find out why PA cannot ping to routers.

Save at > C:\Users\iTechdigest\GNS3\projects\untitled-test900

When I click save, GNS3 go not responding and it gave a load error message. I put OK to that message and left to have a bath. Next day I opened my project but the saved item is not showed in GNS3. I assumed due to that not responding scenario the file somehow got crashed. However, GNS3 is able to start but not with the file I had saved. No point of wasting time on this simple save problem. It is rather better to install a new PA and start doing investigation. I will make more comfortable and as a review I can go one by one through above process and memorize the steps and method to follow on deploying VB PA in GNS3.

 Part IV >> Troubleshooting – Why PA cannot ping to Routers 


Post a Comment

No comments

Thank you very much for your ideas!

Subscribe to: Post Comments ( Atom )