I have a PA200 and when I only have the management port plugged in, I can access the management interface. When I put it inline and have production traffic running through it, I'm no longer able to access the management interface. I have two NAT rules: one for a PlayStation and one for general outbound using DIPP. I need to do some troubleshooting, but would anyone know why this is happening? Here is my PlayStation NAT rule (which I think is the culprit):
Source zone: home
Destination zone: internet
Source address: playstation4
Source translation: static-ip, Internet IP (address), and bi-directional enabled
From where are you trying to access it: local net or Internet?
What is your default gateway on the mgmt interface? Does it have Internet access?
Check the traceroute to your mgmt address and see where it goes. I suspect your traffic may be going through the production flow and NAT interfaces and not reaching your mgmt subnet.
If you are just trying to do this for testing purposes, I would simply open up a new remote management profile and assign it to a port on your trust "home" zone. You should then be able to access the management interface and SSH into the device directly from the IP address assigned to that port.
P.S. This is written assuming that you have layer 3 ports instead of layer 2; if you are using layer 2 in a home environment, I might suggest just reorganizing to Layer 3 anyways, since you get access to a few more things on the PA interface.
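
The approach in the reply above, sketched as PAN-OS configuration-mode commands. This is an added example, not part of any poster's message; the profile name `mgmt-home`, the interface `ethernet1/2` and the subnet `192.168.1.0/24` are assumptions to be replaced with your own values.

```text
# Lines starting with '#' are annotations for the reader; do not paste them into the CLI.
configure

# Interface management profile that permits only the services needed for admin access.
set network profiles interface-management-profile mgmt-home https yes
set network profiles interface-management-profile mgmt-home ssh yes
set network profiles interface-management-profile mgmt-home ping yes

# Restrict which source addresses may reach those services (assumed home subnet).
# Without a permitted-ip entry, any address that can reach the interface is accepted.
set network profiles interface-management-profile mgmt-home permitted-ip 192.168.1.0/24

# Attach the profile to the Layer 3 interface in the "home" zone only
# (assumed to be ethernet1/2), never to the interface in the "internet" zone.
set network interface ethernet ethernet1/2 layer3 interface-management-profile mgmt-home

commit
```

After the commit, the web interface and SSH should answer on the IP address assigned to that Layer 3 interface, independently of the path to the dedicated management port.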