Category: aws

  • Create BGP over GRE tunnel between Aviatrix Transit and Palo Alto Firewall

    Here’s a case where a customer wants to create BGP over GRE tunnels between Palo Alto Firewall and Aviatrix Transit Gateways. Palo Alto has some articles, but they are not very clear, so this blog will serve as a reminder of how this is done. Credit to Pranay for helping out with the BGP peering part on Palo. This is a […]

  • Direct Connect to Aviatrix Transit – Option 1

    This is the first of the three articles. It will be the easiest to accomplish, but with constraints. Virtual Private Gateway (VGW) has to be created in the same region as the Direct Connect Private Virtual Interface (VIF). Each VIF is dedicated to one VGW. VGW is NOT attached to the VPC Aviatrix orchestrate Customer […]

  • Using AWS TGW Connect with Aviatrix Transit to build GRE tunnels

    When customers are migrating to Aviatrix Transit from AWS TGW, we would build BGP connectivity between AWS TGW and Aviatrix Transit. In the past, we had to use IPSec, which would be limited to 1.25G per tunnel connection speed. For customers that don’t require end-to-end encryption during the migration, with AWS TGW Connect, […]

  • Multi-homed VM in different Clouds

    Many enterprises venture into clouds and find the landscape of cloud networking very different from on-prem. Multi-homed devices such as routers and firewalls, when deployed to the cloud, also have challenges inserting themselves into the traffic path, particularly due to the reasons listed below. This in turn slows down the enterprises’ adoption speed to the […]

  • TechTalk | Securing Cloud Egress—The Easy Way

    When operating in the cloud, enterprises often struggle with how to gain control of network traffic leaving their environments in a centralized, cost-effective, and CSP-agnostic way. In this webinar, you’ll learn how to make cloud egress architecture simple, repeatable, and automated—including how to: Gain visibility and control of internet-destined traffic in a cost-effective way (FQDN, subtopics […]

  • Compare AWS resource configurations

    So you have created your resources manually in AWS and it works fine, but when you try to create the resource using Terraform, it just won’t work? I’ve run into this issue when I tried to create S3 + Policy + Roles for Palo Alto bootstrap, and below is how to resolve this, please […]

  • Bootstrap Palo Alto with Aviatrix FireNet with AWS GWLB enabled

    Recently I’ve come to figure out how to bootstrap a Palo Alto firewall while integrated with AWS GWLB and Aviatrix FireNet; here is my learning journal for future reference. Validated environment: Aviatrix Controller version: UserConnect-6.6.5404; Palo Alto Networks VM-Series Next-Generation Firewall (BYOL) 10.1.3. I’ve used the following Terraform code to create an Aviatrix FireNet egress only transit […]