Virtual ION on Azure Deployment Guide
    : Deploy Using the Prisma SD-WAN Azure Deployment Template
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma
    3. Prisma SD-WAN
    4. CloudBlades Integration and Deployment
    5. Virtual ION on Azure Deployment Guide
    6. Deploy Prisma SD-WAN to Azure
    7. Deploy Using the Prisma SD-WAN Azure Deployment Template
    Download PDF

    Virtual ION on Azure Deployment Guide

    Deploy Using the Prisma SD-WAN Azure Deployment Template

    Table of Contents

    Deploy Using the Prisma SD-WAN Azure Deployment Template

    Deploy the Azure templates in Prisma SD-WAN
    1. Log in to the Azure Portal and navigate to the Marketplace. Search for Prisma SD-WAN vION Solution Template for Azure Cloud and select Create.
    2. In the Basic tab you will have the following options:
      • Subscription: Select the appropriate Azure subscription you wish to use to deploy the Virtual Appliance.
      • Resource Group: Create a new resource group to deploy the Virtual ION and associated resources.
        In this release you can only deploy a new resource group, you cannot use an existing resource group.
      • Region: Select the Azure Compute Region where you want to deploy the Virtual Appliance.
    3. Select Next: Prisma SD-WAN vION network config.
      On the Prisma SD-WAN vION network config tab you will have the following options:
      • Virtual Network
        • Virtual Network: transitVNET
        • Controller Subnet: 10.x.0.0/24
        • Internet/Public Subnet: 10.x.1.0/24
        • LAN/Private Subnet: 10.x.2.0/24
      • Network Security Group: Inbound source IP
        • The NSG by default will allow only UDP 500/4500 inbound. If you wish to modify the sources you can specify here. It is recommended to leave this as the default 0.0.0.0/0 setting.
        These are the default values, if you want to customize these settings select Create new and complete.
        If using a custom VNET ensure that each of the subnets is at least a /29 and falls within the range of the VNET address range you select.
    4. Once complete, click Next: Prisma SD-WAN vION Configuration.
    5. On the Prisma SD-WAN vION Configuration tab complete the following:
      • Public IP address: Name of the Public IP Address for Port 1 that will be created.
      • Domain name label: Must be unique
      • Private IP Address: IP address in the Internet Subnet that will be assigned to the Virtual IONs Port 1 interface.
        Azure reserves the first 3 IP addresses in any subnet, chose from the 4th available IP address in the Internet Subnet.
      • Gateway: First IP address from the Internet Subnet
      • DNS: DNS IP address for Port 1, you can use Azure’s own DNS 168.63.129.16 or any public DNS for example 8.8.8.8 or 1.1.1.1.
      • Prisma SD-WAN vION Version: Software version of the Virtual Appliance to deploy, recommended to use the latest version.
      • Prisma SD-WAN vION Licence Key: Use the License Key that was generated from the Prisma SD-WAN portal.
      • Prisma SD-WAN vION Secret Key: Use the License Key that was generated from the Prisma SD-WAN portal.
      • Virtual Machine Size: Leave at the default selection.
    6. Click Next: Review + Create now, Azure will validate the configuration against the deployment template.
    7. Once validated, click Create to deploy the virtual appliance.

    © 2024 Palo Alto Networks, Inc. All rights reserved.