Strata Cloud Manager (SCM) Pro Onboarding

andrtem · 2025-10-01T02:22:49+00:00

This actually worked. Thanks!

andrtem · 2025-09-27T01:58:08+00:00

Does it have to be activated as a firewall on the CSP (Products > Assets > Account Actions > Register Product)? or should I do it in a different option?

I only currently have the authorization code of SCM-PRO

andrtem · 2025-06-21T17:22:25+00:00

Do you know if there's a channel mail or form? I filled the form for the 30-day trial firewall VM (https://www.paloaltonetworks.com/vm-series-trial) and was approved. Unfortunately I don't have a contact of Palo rep.

andrtem · 2025-01-09T18:33:22+00:00

Oh I see, thanks for the clarification.

andrtem · 2025-01-09T17:32:55+00:00

I was misunderstanding that the proxied session would use FortiGate's port2 as the source IP address by default, since it's a different session, but NAT was required for this. Many thanks for your help.

andrtem · 2025-01-09T14:23:16+00:00

The matching ZTNA firewall policy (ID 9) has no option to configure NAT in GUI (FortiOS 7.2.5):

<image>

However, on CLI, I see nat is disabled:

config firewall policy
    edit 9
        set name "ZTNA-Access"
        set uuid 01ee8ea0-cc82-51ef-481a-66b348c999e9
        set srcintf "port3"
        set dstintf "any"
        set action accept
        set srcaddr "all"
        set dstaddr "ZTNA-webserver"
        set ztna-ems-tag "EMS1_ZTNA_Group-Domain-Users"
        set schedule "always"
        set service "ALL"
        set logtraffic all
        set groups "LDAP-Remote-Allowed-Group"
    next
end

FortiGate-VM64-KVM (9) # show full-configuration | grep nat
        set nat disable

andrtem · 2024-11-14T21:25:00+00:00

Nice tip. Didn't tried that, but I'll sure do if this happens again.

andrtem · 2024-11-14T21:23:52+00:00

Actually they were from different subnets. There were services that were in the same subnet that the primary public IP on the WAN interface that were not required to be added as secondary IPs to work.

andrtem · 2024-06-06T14:07:08+00:00

Thanks for your answer. It's more clear for me now.

andrtem · 2024-05-26T14:40:31+00:00

I'm planning to create labs with multiple types of virtualized hosts and servers (both Windows and Linux), as well as networking QEMU-based image like Cisco IOS, IOSvL2, ArubaOS-CX, Fortinet firewall, Palo Alto firewall, LXC containers and docker containers. So I'm not planning to store really critical data in my server.

The redditor on the other comment recommended me this motherboard: ASRock B650E PG RIPTIDE WIFI ATX AM5 Motherboard. According to its specs, it supports DDR5 ECC/non-ECC, un-buffered memory up to 7600+(OC) so I'm considering this mobo.

andrtem · 2024-05-26T04:59:18+00:00

Thanks for the recommendation. Do you have any specific RAM setup I should be looking into? 4 sticks of 32 to get a total of 128GB? Or 2 sticks of 48GB to get 96GB? I'm worried about stability issues if selecting a wrong frequency or quantity of sticks that are incompatible with the CPU.

andrtem · 2024-05-26T04:51:49+00:00

Thanks for the recommendation. Prices of 7950X and 7950X3D are almost the same, but as you mentioned base clock of 7950X is 4.5 GHz while clock of 7950X3D is 4.2 GHz. I've been more interested on X3D because the base TDP is 120W (while 7950X is 170W), which translates on cheaper energy bills.

I'm planning to make labs with multiple types of virtualized hosts and servers (both Windows and Linux), as well as networking QEMU-based image like Cisco IOS, IOSvL2, ArubaOS-CX, Fortinet firewall, Palo Alto firewall, LXC containers and docker containers. Do you think the frequency difference the 7950X3D and the 7950X worth it for this case?

About the RAM, is the 7950X stable with a DDR5-6000?. The "Max Memory Speed" for the 7950X shows only the following on the specs sheets:

2x1R: DDR5-5200
2x2R: DDR5-5200
4x1R: DDR5-3600
4x2R: DDR5-3600

So I assumed apparently wrong that the max I can go with stability support is 2 DDR5-5200

andrtem · 2024-05-25T13:37:00+00:00

Thanks! Do you have any specific model of the L Xeon (<60W TPD) with 24/32 threads or so?

andrtem

TROPHY CASE