This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Is there a similar service like IP SLA so the firewall can change default routes as a result of a certain condition

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Is there a similar service like IP SLA so the firewall can change default routes as a result of a certain condition

blaketraister
L0 Member

‎11-04-2014 12:21 PM

I was just curious...if I have 2 internet feeds but am not peering - I use ip/SLA to guanratee service.  If a ping to 4.2.2.2 fails, it drops the current default route and the other default route with the higher AD is the active default route.

Is there something similar to this in PAN-OS?

Labels:
0 Likes Likes
3 REPLIES 3

bat
L5 Sessionator

‎11-04-2014 12:23 PM

blaketraister

You are looking for PBF with monitoring.

Go through the following documents:

How to Configure ISP Redundancy and Load Balancing

Hope it helps!

HULK
L7 Applicator

‎11-04-2014 12:27 PM

A similar DOC: Dual ISP Branch Office Configuration

Thanks

0 Likes Likes

sbabu
L0 Member

‎11-04-2014 03:53 PM

Hi,

In PaloAlto there is no tracking protocol like IPSLA. However, you can configure default route for redundancy link with higher metric. If nexthop is not reachable or interface is down. The secondary route will take effect. Please find the below doc for the same.


Using Next Hop Versus Exit Interface for Default Route

If you network setup has redundant links to reach the next-hop, the best practice is to mention the next-hop along with the exit interface for the floating static routes to work efficiently.

0 Likes Likes
  • 11481 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks