Enable VM-Series Integration with a Gateway Load Balancer
When integrating the VM-Series firewall
with a GWLB, you must first enable the VM-Series firewall to properly
process traffic redirected to the firewall by the GWLB endpoints.
You can enable this functionality using the VM-Series firewall CLI, through
the VM-Series bootstrapping package, or the user-data field in the
VM-Series firewall deployment with a GWLB requires:
PAN-OS 10.0.2 or later
VM-Series plugin 2.0.2 or later
Panorama 10.0.2 or later if you using Panorama to manage
The table below lists the commands required to enable GWLB traffic
inspection and associate a subinterface with a VPC endpoint. Operation
commands can be used in the a bootstrapping init-cfg.txt file or
in the user-data field in the AWS console.
set system setting mgmt-interface-swap enable yes
command requires the firewall to reboot before taking effect.
Swaps eth0 and eth1. Eth0 becomes a data
interface and eth1 becomes the management interface.