I have FINALLY SUCCEEDED in getting Palo Alto VM-Series Software Firewall 10.0.4 to work in Ubuntu Desktop 22.04.5 LTS KVM Host

Turritopsis Dohrnii Teo En Ming teo.en.ming at protonmail.com
Tue Apr 1 16:27:31 UTC 2025 

Subject: I have FINALLY SUCCEEDED in getting Palo Alto VM-Series Software Firewall 10.0.4 to work in Ubuntu Desktop 22.04.5 LTS KVM Host

Author: Mr. Turritopsis Dohrnii Teo En Ming
Country: Singapore
Date: 2nd April 2025 Wednesday

I have FINALLY SUCCEEDED in getting Palo Alto VM-Series Software Firewall 10.0.4 to work in Ubuntu Desktop 22.04.5 LTS KVM Host.

Below are my FINAL notes.

cd /etc/netplan/
sudo nano 01-netcfg.yaml

My FINAL netplan configuration:

network:
  version: 2
  renderer: networkd
  ethernets:
    enp1s0:
      dhcp4: no
    enp2s0:
      dhcp4: no
    enp3s0:
      dhcp4: no
    enp4s0:
      dhcp4: no
  bridges:
# Management interface
    br0:
      interfaces: [enp1s0]
      dhcp4: yes
# WAN interface
    br1:
      interfaces: [enp2s0]
      dhcp4: yes
# LAN interface
    br2:
      interfaces: [enp3s0]
      dhcp4: no
      addresses: [192.168.1.254/24]
# Unused interface for the moment, maybe DMZ in the future
    br3:
      interfaces: [enp4s0]
      dhcp4: yes

sudo netplan apply
sudo systemctl restart NetworkManager

sudo brctl addif br0 enp1s0
sudo brctl addif br1 enp2s0
sudo brctl addif br2 enp3s0
sudo brctl addif br3 enp4s0

teo-en-ming at PA-VM:/etc/netplan$ sudo brctl show
bridge name	bridge id		STP enabled	interfaces
br0		8000.da16c5ba83c0	yes		enp1s0
br1		8000.2a1de38524c1	yes		enp2s0
br2		8000.2ac0bc028fe3	yes		eno1
br3		8000.4eb2b8fe7743	yes		enp4s0
virbr0		8000.525400f9e6d6	yes	

You should use virtio for all of your Linux bridges in Virtual Machine Manager (GUI). virtio has been verified to work.	

Interface Mappings
===================

Port 1 on the hardware appliance maps to the Management interface eth0
Port 2 on the hardware appliance maps to the WAN interface ethernet1/1
Port 3 on the hardware appliance maps to the LAN interface ethernet1/2
Port 4 on the hardware appliance maps to the DMZ interface ethernet1/3 (to be implemented in the future)

Congratulations to myself!

My next project: I am planning to download, install and configure Check Point CloudGuard Virtual Firewall in Ubuntu Linux KVM host!

Regards,

Mr. Turritopsis Dohrnii Teo En Ming
Singapore
2nd April 2025 Wednesday 12.25 AM

More information about the ubuntu-users mailing list