https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/autoscaling-in-aws-version-3-gateway-load-balancer-integration/m-p/416871#M1246 <P>Hi all,</P><P>&nbsp;</P><P>This is a really helpful group and I hope you can help with this challenge.</P><P>&nbsp;</P><P>1. We deployed the ASG using Template 3.0 - all successful.</P><P>2. Firewalls bootstrapped successfully.</P><P>3. The lambda had a problem enabling the VM-Series element for cloudwatch (stated error 13 in use but) managed to make the change manually</P><P>4. Everything else error free</P><P>&nbsp;</P><P>We are coming out of the firewall VPC and hitting the Panorama box in another VPC on it's external address. This never seems to complete the registration process and panorama status is disconnected.</P><P>&nbsp;</P><P>Things I've tried:</P><P>1. Checked the ports</P><P>2. Validated the bootstrap auth code (works fine and bootstrap is clear)</P><P>3. Lowered the MTU on interface 1/1 to 1400</P><P>4. Manually registered a firewall in Panorama with the serial number and generated a manual auth code.</P><P>5. Used that auth code on one of the firewalls to connect to Panorama. The auth code is accepted but still states disconnected on the firewall and in Panorama.</P><P>&nbsp;</P><P>It's really tough to get any detailed diagnosis for the error. Did I miss something?</P><P>&nbsp;</P><P>We are running version 10.1.0 on the firewalls and in Panorama.</P><P>&nbsp;</P><P>Would really appreciate a steer if anyone has faced this issue.</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 02 Jul 2021 15:52:57 GMT TonyCleveleys 2021-07-02T15:52:57Z https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/autoscaling-in-aws-version-3-gateway-load-balancer-integration/m-p/416871#M1246 <P>Hi all,</P><P>&nbsp;</P><P>This is a really helpful group and I hope you can help with this challenge.</P><P>&nbsp;</P><P>1. We deployed the ASG using Template 3.0 - all successful.</P><P>2. Firewalls bootstrapped successfully.</P><P>3. The lambda had a problem enabling the VM-Series element for cloudwatch (stated error 13 in use but) managed to make the change manually</P><P>4. Everything else error free</P><P>&nbsp;</P><P>We are coming out of the firewall VPC and hitting the Panorama box in another VPC on it's external address. This never seems to complete the registration process and panorama status is disconnected.</P><P>&nbsp;</P><P>Things I've tried:</P><P>1. Checked the ports</P><P>2. Validated the bootstrap auth code (works fine and bootstrap is clear)</P><P>3. Lowered the MTU on interface 1/1 to 1400</P><P>4. Manually registered a firewall in Panorama with the serial number and generated a manual auth code.</P><P>5. Used that auth code on one of the firewalls to connect to Panorama. The auth code is accepted but still states disconnected on the firewall and in Panorama.</P><P>&nbsp;</P><P>It's really tough to get any detailed diagnosis for the error. Did I miss something?</P><P>&nbsp;</P><P>We are running version 10.1.0 on the firewalls and in Panorama.</P><P>&nbsp;</P><P>Would really appreciate a steer if anyone has faced this issue.</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 02 Jul 2021 15:52:57 GMT https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/autoscaling-in-aws-version-3-gateway-load-balancer-integration/m-p/416871#M1246 TonyCleveleys 2021-07-02T15:52:57Z https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/autoscaling-in-aws-version-3-gateway-load-balancer-integration/m-p/417852#M1250 <P>I fixed this. Just incase it's useful for anyone else the guide is unclear and it's important to name your template with a different name than the template name in the init-cfg.txt. The lambda creates a template stack and it's important this name is unique. Once I changed the name the firewalls registered.</P> Thu, 08 Jul 2021 16:45:07 GMT https://live.paloaltonetworks.com/t5/vm-series-in-the-public-cloud/autoscaling-in-aws-version-3-gateway-load-balancer-integration/m-p/417852#M1250 TonyCleveleys 2021-07-08T16:45:07Z