Palo Alto VM SD-WAN - Specifications
SD-WAN Palo Alto
This part describes the specifications for deploying the Palo Alto firewall used as SD-WAN Gateway. This VNF is based on the PA-VM image and can be deployed by a customer or by the Orange production team.
Flavors
The available sizes of flavors for this VNF are shown below. These depend on the software versions selected.
| Standard | DPDK | |
|---|---|---|
| Small | 2 vCPU 8 GB Mem 64 Go Disk | 2 vCPU 4 GB Mem 64 Go Disk |
| Medium | 4 vCPU 16 GB Mem 64 Go Disk | 4 vCPU 16 GB Mem 64 Go Disk |
| Large | 8 vCPU 32 GB Mem 64 Go Disk | 8 vCPU 32 GB Mem 64 Go Disk |
In case of dual topology, a flavor can be selected for each virtual device making up a Virtual Network Edge.
Interfaces
The interfaces available are listed below:
-
Interface 1: Internet interface - management, with a floating Public IP address.
-
Interface 2: Internet interface - access, with a floating Public IP address.
-
Interface 3: MPLS interface used to connect to Orange MPLS VPN via VLAN sub-interfaces (101 to 108).
For each VLAN sub-interface:
- VPN list (1..99 items):
- VPN Name
- VPN role: any-to-any, client, server
- BGP:
- Enable/Disable BGP
- AS prepend (integer 1..6)
- Addressing per sub-interface: subnet/mask, network address, gateway, service address, VNF address.
- VPN list (1..99 items):
Software device versions
Below are the software image versions available for this VNF.
- PA-VM-KVM-10.2.10-h9
- PA-VM-KVM-10.2.10-h9_DPDK
Service specific parameters
Service specific parameters supported by this VNF:
- VM AS number (2 or 4 bytes)
- Hashed password
- IPv4 address of the primary Panorama server
- IPv4 address of the secondary Panorama server
- Authentication key
- Template name
- Devicegroup name
- PIN ID
- PIN Value
Licence
Only Bring Your Own Licence (BYOL) type is supported for Fortinet SD-WAN. You need to purchase your software licence with Fortinet sales.
Security group
No default security group configured for Fortinet VNE model.