Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6787
Views
10
Helpful
18
Replies

NGFWv-AWS - EBS volume encryption issue

varunes10
Level 1
Level 1

‎01-27-2020 09:29 AM

I am running multiple NGFWv in our AWS environment from the marketplace. When trying to setup the EC2 instance for the firewall image and if I selected to encrypt the ebs volume with default aws/ebs key then the appliance does not respond on boot up. I also do not see any system logs for the EC2 during boot up. I do see system logs while terminating the instance. We have a policy to have all ebs volumes encrypted else will be flagged non compliant. Does the NGFWv support encryption of the ebs volume in AWS? Any insight into this will be helpful. Thank you.

 

System logs on shutting the instance down.

IO memory blocks requested from bigphys 32bit: 87680

INIT: version 2.88 booting

Starting udev

Configuring network interfaces... done.

Populating dev cache

TODO: Remove /tmp/disable_dpdk to enable dpdk on ngfwv

Found virtual boot drive /dev/xvda1

Found virtual disk0 drive /dev/xvda2

fsck.fat 3.0.28 (2015-05-16)

Starting check/repair pass.

FATs differ but appear to be intact. Using first FAT.

Cluster 258046 out of range (207673272 > 2092549). Setting to EOF.

Cluster 258047 out of range (223535692 > 2092549). Setting to EOF.

Cluster 258048 out of range (10059955 > 2092549). Setting to EOF.

Cluster 258049 out of range (133079543 > 2092549). Setting to EOF.

Cluster 258050 out of range (65038938 > 2092549). Setting to EOF.

Cluster 258051 out of range (219439810 > 2092549). Setting to EOF.

Cluster 258052 out of range (46504770 > 2092549). Setting to EOF.

Cluster 258053 out of range (10103903 > 2092549). Setting to EOF.

Cluster 258054 out of range (250869187 > 2092549). Setting to EOF.

Cluster 258055 out of range (131507214 > 2092549). Setting to EOF.

Cluster 258056 out of range (79941071 > 2092549). Setting to EOF.

Cluster 258057 out of range (6384958 > 2092549). Setting to EOF.

Cluster 258058 out of range (259674023 > 2092549). Setting to EOF.

Cluster 258059 out of range (51362568 > 2092549). Setting to EOF.

Cluster 258060 out of range (262079956 > 2092549). Setting to EOF.

Cluster 258061 out of range (256313087 > 2092549). Setting to EOF.

Cluster 258062 out of range (34401673 > 2092549). Setting to EOF.

Cluster 258063 out of range (257800812 > 2092549). Setting to EOF.`

2 people had this problem
Labels:
0 Helpful
18 Replies 18

varunes10
Level 1
Level 1
In response to pangrazi

‎08-26-2020 10:19 AM

Same here. Still waiting on an update from @jimholla on the fix.

0 Helpful

jimholla
Cisco Employee
Cisco Employee
In response to varunes10

‎08-26-2020 10:58 AM

At this point, it has only been fixed with the 6.4.0-113 image that is in the marketplace. Other versions will be fixed but we are gated by another issue. I do not have an ETA.
0 Helpful

ivan.auger
Level 1
Level 1
In response to jimholla

‎07-07-2022 01:34 PM

Has there been any progress on this?  Issue also occurs with 7.0.2-88

0 Helpful

iamjeroenris
Level 1
Level 1

‎10-13-2022 04:47 AM

I do not see very helpfull feedback on this topic! Is there no solution for this issue?

I am expiriencing the same problem at the moment for the Cisco Secure Firewall Threat Defense Virtual - BYOL AMI in AWS.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card