Known Issues in Panorama Plugin for AWS 3.0.0
Table of Contents
Expand all | Collapse all
-
-
-
-
- Features Introduced in Zero Touch Provisioning 2.0
- Known Issues in the Zero Touch Provisioning 2.0.4 Release
- Known Issues in the Zero Touch Provisioning 2.0.3 Release
- Known Issues in the Zero Touch Provisioning 2.0.2 Release
- Known Issues in the Zero Touch Provisioning 2.0.1 Release
- Known Issues in the Zero Touch Provisioning 2.0.0 Release
- Limitations
-
-
Known Issues in Panorama Plugin for AWS 3.0.0
The following list describes known issues
in the Panorama Plugin for AWS 3.0.0.
PLUG-11671
To support rolling upgrade on the Panorama Plugin for AWS 3.0.x or later,
the number of the licenses needed must be twice the minimum number of instances in the
Auto Scaling group configuration.
PLUG-9080
The Remove Config link under PanoramaPlugins does
remove all deployments and IAM information from Panorama but it
does not trigger a delete of the VM-Series firewalls created by
Panorama orchestration from your AWS environment.
PLUG-9047
Traffic flow to the stack stops for a
few minutes and the deployment status appears inconsistent when
you upgrade PanOS from version 10.0.5 to 10.0.6 in the secondary
Panorama.
PLUG-9031
Panorama HA failover fails to create
a deployment.
After configuring an IAM role and deployment in
the primary active, do a Panorama HA failover, the secondary Panorama
becomes the new active. Clicking the Deploy button
returns an error message.
Workaround: Try deploying after a couple of minutes.
PLUG-9019
Deployment fails when local availability
zones (AZ) are configured for the deployment.
PLUG-9017
Panorama Plugin for AWS stops pulling
tags when you upgrade from version 2.0.2 to 3.0.0.
Workaround: After you upgrade the plugin version 2.0.0
to version 3.0.0, perform a commit on Panorama. Once the commit
is done, use the Panorama CLI to run the command: request plugins reset-plugin only plugin plugin-name aws.
PLUG-8993
On Panorama HA, the Secondary
Panorama IP drop-down does not display the public IP
for the secondary Panorama.
PLUG-8959
Selecting a custom AMI displays an error
message because the length exceeds 31 characters.
Fix—The AMI maxlen is now set to 128
which is similar to AWS AMI limit of 127 characters.
This issue is fixed in Panorama plugin for AWS, version 4.1.0.
PLUG-8936
In a scaled environment, the AWS plugin
user interface crashes when displaying IP address-to-tags payload
in the Monitoring Definition dashboard.
Workaround: Use the Panorama CLI to run command: show plugins aws details-dashboard.
PLUG-8754
An API server connection issue occurs
even before configuring the deployment.
PLUG-8752
When you create a new Transit Gateway
in the AWS console after a deployment is configured in Panorama,
it does not show up immediately in the plugin user interface. The
plugin updates the database once every ten minutes. All newly added
AWS resources appear only after the database refresh is complete.
PLUG-8695
Updating IAM user credentials after stack
deployment returns an error.
PLUG-8225
Traffic flow gets interrupted when a
deployment is updated on Panorama.
PLUG-8203
The AWS plugin for Panorama only supports
two deployments at a time.
PLUG-8180
When configuring a deployment, the AMI
ID drop-down under FirewallImage list software versions
8.0.17 and later instead of versions 10.0.5 or later.
PLUG-8178
The deployment status appears as Success before
the deployment is committed to Panorama.
PLUG-8138
When you delete the IAM role from a successful
deployment and perform a commit, the plugin does not return an error
message.
PLUG-8078
Unable to update the parameters of a
failed stack because the fields are disabled.
Workaround: When your deployment fails, undeploy the deployment,
then redeploy with proper configuration.
PAN-176234
Outbound traffic flow stops when you
select PacketMMAP mode for AWS orchestrated
PAVMs.