Configure GlobalProtect on VeloCloud

Configure GlobalProtect on VeloCloud

2793
Created On 12/29/20 01:54 AM - Last Modified 09/15/21 21:26 PM


Symptom


  • Configuration of VM-Series Firewall to work with GlobalProtect VPN on VeloCloud fails and connection is down.
  • Other physical interfaces i.e. eth1/3-eth1/7 are not configurable in VeloCloud. Maximum number of NIC can be configured on this platform: 2

Environment


  •  Platform: PA-VM on VeloCloud by VMWare
  •  PAN-OS/Plugin Version: Any
  •  Deployment: Existing/New

Cause


VeloCloud does NOT support layer 3 interfaces but only vwire mode.

Resolution


Currently GlobalProtect is only supported by layer 3 interface type due to which we cannot use VeloCloud for GlobalProtect. Possible solutions are below.
  1. Request Account Team to submit a feature request.
  2. Use Public or Private cloud platforms which supports Layer 3 deployment such as AWS, GCP, Azure etc...
  3. Use Prisma Access (GlobalProtect for cloud solutions)
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HC5sCAG&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail