GWLB commands don’t get applied during bootstrapping

GWLB commands don’t get applied during bootstrapping

8413
Created On 12/15/21 09:50 AM - Last Modified 12/16/22 04:12 AM


Symptom


Adding the following GWLB-specific commands to the init-cfg.txt file does not work if the base image of the bootstrap process is older than PanOS 10.0.2: 
 plugin-op-commands=aws-gwlb-inspect:enable,aws-gwlb-overlay-routing:enable

 

Environment


  • VM-Series Firewall on AWS.
  • GWLB (Gateway Load Balancer) Integration.
  • PAN-OS 9.1.x, 10.0.0, or 10.0.1.

Cause


  • The VM-Series integration with the GWLB in AWS is supported on PanOS 10.0.2 or higher and 10.1.x.
  • The older PAN-OS releases do not recognize these commands.
  • Even if the PanOS image was upgraded as part of the bootstrap package to one of the supported releases, the commands won't be applied either if the base image used in the software folder was not supported.
  • This is happening because the bootstrap process checks the compatibility on the starting base image, and not the final (target) image.

Resolution


For GWLB commands to be applied during the bootstrap process, the Base PAN-OS image must be one of the PanOS releases that support the integration with the GWLB. i.e. 10.0.2 or higher or 10.1.x

Enabling VM-Series Integration With A-GWLB

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oMrRCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language