The virtual machine will load, start, and function. The first port configured to the VM is assigned to the Palo Alto management interface. Subsequent ports attach sequentially from Ethernet 1/1. Sub-interfaces do work with this VM, so it is easily possible to deploy the firewall with a single Integrated Application Hosting (IAH) forwarding plane port, and break out ports using VLANs on the switch. The serial terminal function of Switch Engine works with no extra configuration required.
| Switch Models | Number of CPUs | Available RAM | Available Storage | Dedicated Management Port | Management Port BW | Number of Sideband Ports | Sideband BW Supported |
|---|---|---|---|---|---|---|---|
| 5720-24MXW | 2 | 4GB | 120GB | Yes | 1G | 1 | 10G |
| 5720-48MXW | 2 | 4GB | 120GB | Yes | 1G | 1 | 10G |
| 7520-48Y | 8 | 8GB | 120GB | Yes | 1G | 1 | 10G |
| 7520-48XT | 8 | 8GB | 120GB | Yes | 1G | 1 | 10G |
| Minimum Switch Engine Version | Switch Model | Resources Required from IAH to Support Solution | License Requirement |
|---|---|---|---|
| 32.3 | 5720 (MXW models) |
2 CPU cores 5,730 KB of RAM |
Premier license |
| 32.4 | 7520 (all models) |
8 CPU cores 5,730 KB of RAM |
Premier license |
| AP OS | Application | Resources Required from IAH to Support Solution | License Requirement |
|---|---|---|---|
| 9.1.2 | PAN VM-100 (PA-KVM-9.1.2.qcow2) |
2 CPU cores 5,730 KB of RAM |
Standard Subscription |
| 9.1.2 | PAN VM-100 (PA-KVM-9.1.2.qcow2) |
2 CPU cores 8,192 KB of RAM |
Standard Subscription |
Note
Virtual Interface mapping is not visible to the Palo Alto Firewall virtual machine. If all mapped interfaces are virtual, the VM will panic and go into maintenance mode.