10-01-2020 07:13 AM
Can anyone assist with this CF Template? https://github.com/PaloAltoNetworks/aws-transit-vpc
It is outdated, and I can't figure out why it's getting hung up. First the AMI was old, so I updated that to 9.1, now it's created one PA in the transit VPC, but I can't login (password is wrong) so I'm guessing the bootstrap config (which I am just using the one in this git) is maybe not working for 9.1 as it says 8.0 in the xml.
Or I'm fine doing things manually, I just don't get the transit VPC portion. I had one setup with just a peer link and I could ping between the VPCs, but internet traffic would not flow through the Palo. What I found was it looks like that's not a supported model and you have to do IPSEC tunnels? I'm getting a bit turned around there, I just want my outbound traffic from a subscribing VPC to flow through the Palo for outbound traffic.
10-01-2020 07:32 AM
maybe I'm just being impatient. The 2nd firewall finally got deployed it looks like. No VPN tunnels yet, and still can't access either firewall incorrect username/pass using the defaults from the bootstrap.
Just going to give it some more time and see if hopefully it finishes everything. Still curious if there is something weird with the scripts because of the versions
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
