I had to setup a KVM hypervisor to test PAN-OS. And since I’m doing this for the second time, I’m writing this sh*t down.

Make a Hyper-V gen 2 VM. Add it at least 8 GB ram, 50-100 GB disk. Setup the boot order, disable secure boot and install Ubuntu. Currnetly ubuntu-22.04.4-desktop-amd64.iso.

Do not forget to run

Set-VMProcessor -VMName kvm1 -ExposeVirtualizationExtensions $True

To make work on Hyper-V terminal a bit easyer, update the following in /etc/default/grub:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash video=hyperv_fb:1600x1200"

And then sudo update-grub.

There are also suggestions to install apt install linux-image-extra-virtual.

On we go…

Then install Virtual Machine Manager from packages.

If you run it, it will spit out an error like Unable to connect to librit qemu:///system..

As dumb as it sounds, just reboot the box and that will be solved.

Then copy the extracted PA-VM-KVM-10.2.5.vm_eval.qcow2 to /var/lib/libvirt/images.

Create a new VM. Give it all the memory and CPUs you can. Select defailt NAT network.

It should start booting. It will take quite some time to get to the login screen but do note the IP it gets for NAT. The first login that will appear is PA-HDF. You need to wait for PA-VM to be able to login.

However, it could be you are stuck on PA-HDF. In that case, reboot the vm and go into maint mode. See https://live.paloaltonetworks.com/t5/vm-series-in-the-private-cloud/unable-to-start-trial-vm-on-esxi/td-p/543039

Then boot into maint, select Continue, Disk Image and Reinstall....

Additional problem was the trial was expired. A hack around it is to scew the clock. This should work enough so you can get the config out or similar.

In VMM enable editing XML (preferences) then on the VM edit the clock node.

<clock offset="variable" adjustment="-5184000" />

Since the VM runs in natted network something like this is an easy https proxy hack:

socat -d -d TCP4-LISTEN:443,fork,reuseaddr TCP4:192.168.122.203:443