AWS GWLB traffic connections are not re-established after failover

AWS GWLB traffic connections are not re-established after failover

944
Created On 06/14/22 19:44 PM - Last Modified 07/30/25 19:37 PM


Symptom


  • After Palo Alto / AWS GWLB failover,  traffic connections are not re-established afterwards.   New sessions can begin to establish connections

Environment


  • AWS GWLB and Palo Alto Networks vm series plugin integration

Cause


  • AWS GWLB vm series redundancy setup is not an active/passive HA setup.  There is no session synchronization between the firewalls involved behind AWS GWLB

Resolution


  • The observed behavior of session interruption during failover is expected.  Redundant path setup in AWS GWLB vm series plugin integration is not an active/passive HA setup.
  • If one of the VM firewall goes down, it is up to the GWLB to which VM firewall it is forwarding traffic to. There is no session synchronization on the firewall side
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000Cq2dCAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language