Create a new Bootstrap File from Scratch

Launch a new VM-Series firewall on AWS using the AMI for the PAN-OS version (8.0 or 8.1), without using the sample bootstrap.xml file, and export the configuration to create a new bootstrap.xml file for use with the VM-Series Auto Scaling template v2.0.
  1. Deploy the VM-Series Firewall on AWS (no bootstrapping required) and use the public IP address to SSH into the Command Line Interface (CLI) of the VM-Series firewall. You will need to configure a new administrative password for the firewall.
  2. Log in to the firewall web interface.
  3. (Optional) Configure the firewall. You can configure the dataplane interfaces, zones and policy rules.
  4. Commit the changes on the firewall.
  5. Export the configuration file and name it as bootstrap.xml. (DeviceSetupOperationExport Named Configuration Snapshot).
  6. Download the bootstrap.xml file from the GitHub repository, open it with a text editing tool, and copy lines 353 to 356. These lines define the AWS CloudWatch namespace to which the firewall publishes custom PAN-OS metrics that are required for the firewalls to auto scale.
  7. Edit the configuration file you exported earlier to include the AWS CloudWatch information.
    Search for </management> and paste the lines 353 to 356 after </management>.
    cft_2.0_bootstrap_cw.png
  8. Delete the management interface configuration.
    1. Search for </service> and delete the ip-address, netmask and default gateway that follow.
    2. Search for </type> and delete the ip-address, netmask, default gateway, and public-key that follow.
      cft_2.0_bootstrap_mgmt_ip.png
  9. Save the file. You can now proceed with Launch the VM-Series Auto Scaling Template for AWS (v2.0).

Related Documentation