Known Issues in Panorama Plugin for AWS 3.0.0
The following list describes known issues in the Panorama Plugin for AWS 3.0.0.
The Remove Config link under
does remove all deployments and IAM information from Panorama but it does not trigger a delete of the VM-Series firewalls created by Panorama orchestration from your AWS environment.
Traffic flow to the stack stops for a few minutes and the deployment status appears inconsistent when you upgrade PanOS from version 10.0.5 to 10.0.6 in the secondary Panorama.
Panorama HA failover fails to create a deployment.
After configuring an IAM role and deployment in the primary active, do a Panorama HA failover, the secondary Panorama becomes the new active. Clicking the
Deploybutton returns an error message.
Workaround: Try deploying after a couple of minutes.
Deployment fails when local availability zones (AZ) are configured for the deployment.
Panorama Plugin for AWS stops pulling tags when you upgrade from version 2.0.2 to 3.0.0.
Workaround: After you upgrade the plugin version 2.0.0 to version 3.0.0, perform a commit on Panorama. Once the commit is done, use the Panorama CLI to run the command:
request plugins reset-plugin only plugin plugin-name aws.
On Panorama HA, the
Secondary Panorama IPdrop-down does not display the public IP for the secondary Panorama.
Selecting a custom ami displays an error message because the length exceeds 31 characters.
In a scaled environment, the AWS plugin user interface crashes when displaying IP address-to-tags payload in the
Workaround: Use the Panorama CLI to run command:
show plugins aws details-dashboard.
An API server connection issue occurs even before configuring the deployment.
When you create a new Transit Gateway in the AWS console after a deployment is configured in Panorama, it does not show up immediately in the plugin user interface. The plugin updates the database once every ten minutes. All newly added AWS resources appear only after the database refresh is complete.
Updating IAM user credentials after stack deployment returns an error.
Traffic flow gets interrupted when a deployment is updated on Panorama.
The AWS plugin for Panorama only supports two deployments at a time.
When configuring a deployment, the
AMI IDdrop-down under
list software versions 8.0.17 and later instead of versions 10.0.5 or later.
The deployment status appears as
Successbefore the deployment is committed to Panorama.
When you delete the IAM role from a successful deployment and perform a commit, the plugin does not return an error message.
Unable to update the parameters of a failed stack because the fields are disabled.
Workaround: When your deployment fails, undeploy the deployment, then redeploy with proper configuration.
Outbound traffic flow stops when you select
PacketMMAPmode for AWS orchestrated PAVMs.
Recommended For You
Recommended videos not found.