Case Studies: VM-Series on AWS
6516
Created On 03/26/20 19:05 PM - Last Modified 04/06/20 23:59 PM
Question
Purpose
This document serves as a case study guide for most common issues reported on VM-Series Deployments on Amazon AWS.
Answer
Content
Contents of this document include the following case studies for VM-Series Deployments on AWS.
1. Bootstrapping
1.1 Firewall does not get any settings specified in “init-cfg.txt”
1.2 PA-VM deployed using bootstrap has serial as “unknown”
1.3 Bootstrapping is failing for PA-VM deployed in AWS
1.2 PA-VM deployed using bootstrap has serial as “unknown”
1.3 Bootstrapping is failing for PA-VM deployed in AWS
2. High Availability
2.1 Missing IAM role on PA-VM instance resulting in HA failure
2.2 ENI’s do not move to newly active unit upon HA failover
2.3 ENI’s do not move to newly active unit due to DNS issues
2.2 ENI’s do not move to newly active unit upon HA failover
2.3 ENI’s do not move to newly active unit due to DNS issues
3. IPsec Issues
3.1 IKE Phase-1 negotiation failure due to missing identification
3.2 Throughput across IPsec tunnel is limited to 600 Mbps
3.3 IPsec tunnel is down due to IKE Phase-1 failures
3.2 Throughput across IPsec tunnel is limited to 600 Mbps
3.3 IPsec tunnel is down due to IKE Phase-1 failures
4. Routing & NAT
4.1 Unable to reach specific destination/subnet within AWS
4.2 Traffic is not received on firewall
4.3 Return traffic is not seen on firewall
4.2 Traffic is not received on firewall
4.3 Return traffic is not seen on firewall
5. VM Information Sources
6. Miscellaneous