11-14-2018 03:40 AM
I am having a weired issue with a PaloAlto and a Telekom Router.
I configured a specific client address to always use a second Router (with internet connection) to communicate to the WAN.
Everything on the PaloAlto looks good to me but when I plug-in the Telekom Router into the configured interface port of the Paloalto I cannot access the Routers webpanel nor do I get an internet connection. Once I unplug the Cable from the interface port I have internet and can access the routers webpanel again. The client i try to access the webpanel is directly connected to one of the routers ports.
It's like there is too much traffic coming from the PaloAlto towards the router, which is according to the configuration not possible.
Now I want to actually check if there is a lot going on on that interface and try to figure out why the webpanel is never reachable when plugged into the FW.
Thanks in advance!
11-29-2018 07:23 AM - edited 11-29-2018 07:23 AM
I had setup the same IP on the PaloAlto as on the Telekom Router. Once the cable was plugged in there were and IP Adress conflict. I changed the Netmask of the Router inside the PaloAlto to x.x.x.2 instead of x.x.x.1 (Router IP).
11-14-2018 05:54 AM
With (interface eq ethernet1/6)
you can check the traffic flow for interface port 6 (Monitor->Traffic).
So i figured that out, okay. But has anyone an idea why the Router is not reachable once the cable from Router is plugged into the PaloAlto?
11-15-2018 09:33 AM
Hello,
What do the logs say as for allowed/denied traffic? While I am not familiar with the Telekom router, I know some 'marry' themselves to specific macs. Try rebooting the Telekom router when you have the PAN plugged into it.
Regards,
11-22-2018 05:43 AM
I assume that the PaloAlto somehow presents itself as 192.168.5.1 (IP of telekom router) on that specific Interface.
Meaning that if I try to access the router within its network, I get redirected to the PaloAlto, thus not getting a Webinterface.
Reebooting the Router when plugged into PlaoAlto did not help, first 2 minutes it looked good (Internet and Webinterface of telekom router was reachable), but then same behavior as described.
Besides that we monitored the traffic between a VLAN and the telekom router. Clients in the VLAN are supposed to use the route through the telekom router to the WAN. But every test ends in "aged out". Could this indicate that the telekom router is not sending any packets back?
11-29-2018 07:23 AM - edited 11-29-2018 07:23 AM
I had setup the same IP on the PaloAlto as on the Telekom Router. Once the cable was plugged in there were and IP Adress conflict. I changed the Netmask of the Router inside the PaloAlto to x.x.x.2 instead of x.x.x.1 (Router IP).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
