professional-service-best-practices/terraform-paloalto-ha
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
5 commits 1 branch 0 tags 54 KiB
HCL 100%
Find a file
Michael Sodan 248f554aed changes
2025-05-12 12:09:04 +02:00
project changes 2025-05-12 12:09:04 +02:00
.gitignore changes 2025-05-09 13:57:02 +00:00
00-provider.tf changes 2025-05-09 13:57:02 +00:00
01-network.tf changes 2025-05-12 12:09:04 +02:00
02-paloalto-image.tf fix project id 2025-05-12 11:27:56 +02:00
03-paloalto_appliance.tf fix project id 2025-05-12 11:27:56 +02:00
99-variables.tf changes 2025-05-12 12:09:04 +02:00
README.md changes 2025-05-12 12:09:04 +02:00

README.md

  1. terraform files for deploying two paloAlto Firewalls in a HA Setup
  • important thing is to enable port_security on the interfaces which will hold the vip
  • the interface with the VIP must not be attached to a server!
  • also the internal VIP IP has to be added as allowed_address, otherwise the move of the floating IP will not work. It is not possible to a CIDR here. The IP must be set with /32.
  • if you enable port_security also a security rule must be added with the relevant rules.
  • the interfaces are added to the same network on firewall 1 and 2 for HA.