Basic Routing on PA-220

Reply
Highlighted
L0 Member

Basic Routing on PA-220

I have a new PA-220 for a test lab, and this is my first time configuring any PA device from scratch, so I apologize in advance if I've missed something basic.  I have set up the interfaces and I can ping out using the troubleshooting -> ping utility in the web UI, but ONLY if I specify the outside interface IP as the source during the test.  It is an optional field and if I leave it blank, I get an error that says Failed to get result.  In the CLI, I cannot ping out to anywhere, even the next hop gateway upstream with the just the simple ping host x.x.x.x command.  Anything related to DNS fails as well, such as updates, but I believe that is because the routing is hosed and it can't hit the public DNS servers.  I have double and triple checked my IPs and masks, I believe.  What could I be missing?

Highlighted
L4 Transporter

Re: Basic Routing on PA-220

Login in through cli run following commands

 

show interface all

show routing route

Any NAT policy ?

ping source eth1/1  host g.w ip

 

SD-WAN | Cloud Networking | PCNSE | ICSI CNSS | MCNA | | CCNP | CCSA | SPSP | SPSX | F5-101 | CCIE-SEC-Attempted
Highlighted
L3 Networker

Re: Basic Routing on PA-220

Hi @BrandonTice 

 

When you ping via the CLI, you need to specify the where the ping will source/come from.

PA-220#ping source x.x.x.x host y.y.y.y

 

If the source is unspecified, the firewall will use its default "management inteface ip"

 

See article below for more details

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clk7CAC

L2 Linker

Re: Basic Routing on PA-220

See article below for more details

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clk7CAC 

 

In case unspecified of source IP, then the management interface IP will act as a default IP

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!