Describe the bug
The health probe configured in the GWLB is a TCP check on port 80. This is failing, so GWLB believes that PaloAlto firewall is down.
Expected behavior
I expect the health check to succeed.
Current behavior
Because the health probe fails, traffic cannot traverse the GWLB service chain.
Steps to reproduce
- Deploy this ARM template to deploy App Stack and Security Stack.
- Ensure that service chain is correctly configured. I.e., that the frontendIP of the PublicLB is referencing the frontendIP of the SecurityLB.
- Attempt to reach your application. It fails.
- Remove the service chaining. Ie., remove the GWLB reference from the Public LB.
- Attempt to reach your application. It succeeds (but does not traverse the PaloAlto firewall).
Describe the bug
The health probe configured in the GWLB is a TCP check on port 80. This is failing, so GWLB believes that PaloAlto firewall is down.
Expected behavior
I expect the health check to succeed.
Current behavior
Because the health probe fails, traffic cannot traverse the GWLB service chain.
Steps to reproduce