This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Autoscaling in AWS version 3 (Gateway load balancer integration) - Firewalls never register in Panorama

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Autoscaling in AWS version 3 (Gateway load balancer integration) - Firewalls never register in Panorama

Go to solution
TonyCleveleys
L1 Bithead

‎07-02-2021 08:52 AM

Hi all,

 

This is a really helpful group and I hope you can help with this challenge.

 

1. We deployed the ASG using Template 3.0 - all successful.

2. Firewalls bootstrapped successfully.

3. The lambda had a problem enabling the VM-Series element for cloudwatch (stated error 13 in use but) managed to make the change manually

4. Everything else error free

 

We are coming out of the firewall VPC and hitting the Panorama box in another VPC on it's external address. This never seems to complete the registration process and panorama status is disconnected.

 

Things I've tried:

1. Checked the ports

2. Validated the bootstrap auth code (works fine and bootstrap is clear)

3. Lowered the MTU on interface 1/1 to 1400

4. Manually registered a firewall in Panorama with the serial number and generated a manual auth code.

5. Used that auth code on one of the firewalls to connect to Panorama. The auth code is accepted but still states disconnected on the firewall and in Panorama.

 

It's really tough to get any detailed diagnosis for the error. Did I miss something?

 

We are running version 10.1.0 on the firewalls and in Panorama.

 

Would really appreciate a steer if anyone has faced this issue.

 

 

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
TonyCleveleys
L1 Bithead

‎07-08-2021 09:45 AM

I fixed this. Just incase it's useful for anyone else the guide is unclear and it's important to name your template with a different name than the template name in the init-cfg.txt. The lambda creates a template stack and it's important this name is unique. Once I changed the name the firewalls registered.

View solution in original post

0 Likes Likes
1 REPLY 1

Go to solution
TonyCleveleys
L1 Bithead

‎07-08-2021 09:45 AM

I fixed this. Just incase it's useful for anyone else the guide is unclear and it's important to name your template with a different name than the template name in the init-cfg.txt. The lambda creates a template stack and it's important this name is unique. Once I changed the name the firewalls registered.

0 Likes Likes
  • 1 accepted solution
  • 3099 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks