Create a new Bootstrap File from Scratch

Launch a new VM-Series firewall on AWS using a supported PAN-OS version (see the compatibility matrix for Panorama plugins), without using the sample bootstrap.xml file, and export the configuration to create a new bootstrap.xml file for use with the VM-Series Auto Scaling template v2.0.
  1. Deploy the VM-Series Firewall on AWS (no bootstrapping required) and use the public IP address to SSH into the Command Line Interface (CLI) of the VM-Series firewall. You will need to configure a new administrative password for the firewall.
  2. Log in to the firewall web interface.
  3. (
    Optional
    ) Configure the firewall. You can configure the dataplane interfaces, zones and policy rules.
  4. Commit
    the changes on the firewall.
  5. Export the configuration file and name it as
    bootstrap.xml
    . (
    Device
    Setup
    Operation
    Export Named Configuration Snapshot
    ).
  6. Download the bootstrap.xml file from the GitHub repository, open it with a text editing tool, and copy lines 353 to 356. These lines define the AWS CloudWatch namespace to which the firewall publishes custom PAN-OS metrics that are required for the firewalls to auto scale.
  7. Edit the configuration file you exported earlier to include the AWS CloudWatch information.
    Search for
    </management>
    and paste the lines 353 to 356 after
    </management>
    .
    cft_2.0_bootstrap_cw.png
  8. Delete the management interface configuration.
    1. Search for
      </service>
      and delete the ip-address, netmask and default gateway that follow.
    2. Search for
      </type>
      and delete the ip-address, netmask, default gateway, and public-key that follow.
      cft_2.0_bootstrap_mgmt_ip.png
  9. Save the file. You can now proceed with Launch the VM-Series Auto Scaling Template for AWS (v2.0).

Recommended For You