I tried to run Palo Alto on EVE/Virtualbox/Apple MAC OS and found it fails to start the Palo Alto Firewall. So I decided to find the root cause. (EVE suggests the users use VMware, I used VirtualBox instead because I don’t have a VMware Fusion license)
I went through EVE logs 1st.
System -> System logs -> unl_wrapper.txt
![Log]()
Log and found the log:
Jan 25 05:18:13 INFO: starting /opt/unetlab/wrappers/qemu_wrapper -T 0 -D 3 -t "PaloAlto" -F /opt/qemu/bin/qemu-system-x86_64 -d 0 -- -nographic -device e1000,netdev=net0,mac=50:00:00:03:00:00 -netdev tap,id=net0,ifname=vunl0_3_0,script=no -device e1000,netdev=net1,mac=50:00:00:03:00:01 -netdev tap,id=net1,ifname=vunl0_3_1,script=no -device e1000,netdev=net2,mac=50:00:00:03:00:02 -netdev tap,id=net2,ifname=vunl0_3_2,script=no -device e1000,netdev=net3,mac=50:00:00:03:00:03 -netdev tap,id=net3,ifname=vunl0_3_3,script=no -smp 2 -m 4096 -name PaloAlto -uuid 934e653f-accd-4ce0-a243-369f853b4add -drive file=virtioa.qcow2,if=virtio,bus=0,unit=0,cache=none -machine type=pc-1.0,accel=kvm -nographic -rtc base=utc > /opt/unetlab/tmp/0/a0fab94b-9b39-4226-884b-894ff4942d65/3/wrapper.txt 2>&1 & Jan 25 05:18:13 INFO: CWD is /opt/unetlab/tmp/0/a0fab94b-9b39-4226-884b-894ff4942d65/3 Jan 25 05:18:13 ERROR: QEMU Arch is not set (80015).Start Palo Alto manually
From the log, you can find the qemu command, so I copied the command and run it from the console, got the error
Could not access KVM kernel moduleI followed the link about KVM kernel module and found the CPU doesn’t support KVM.
also found VirtualBox Ticket#4032.
make it work
Depends on #2, edit Palo Alto VM and remove ‘,accel=kvm’ option:
![Qemu Options]()
Qemu Options it works.
2018-01-05 update:
- Removing the ‘kvm’ option means worse performance.
- VMware has a free product: VMware Workstation Player for Linux and windows.
Scan the QR code using WeChat