No internet after changing ISP

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

No internet after changing ISP

L1 Bithead

PA-440, OS 10.1.14, Standalone

We just changed the ISP, the static IP in interface (WAN), updated the Virtual Router as well, NAT, PBF, Security Policy was checked, IKE Gateway.

But we couldn't browse the internet. The firewall management GUI is also accessible by the WAN interface Before (from the allowed host), but not now.

 

If i revert the settings and plug in again the old ISP, it works without problem.

 

What have I missed?

7 REPLIES 7

Cyber Elite
Cyber Elite

Hello,

If everything works with the old config, then I would say the new ISP is not physically connected to the PAN. Are you using the same interface of the new and old ISP or a different one for each?

Regards,

L2 Linker

I would recommend double checking the configuration to ensure the correct IP addresses are added where they need to be. The troubleshooting tool is also useful (Device --> Troubleshooting), and taking packet captures on the untrust (WAN) interface can clarify what the firewall is actually seeing. I would need to see screenshots and/or output of the config to troubleshoot further. 

 

 

 

 

I'm using the same interface but made sure all the settings of old ISP records were replaced by the new. I also tried using different interface but getting the same situation.

L3 Networker

Hello @Dars_Em 

Have you tried pinging the internet with the IP set on the interface? I'd also recommend clearing the ARP tables, just to be safe.

Regards

Jorge Pomachagua
PCNSE, PCNSC.

Hi, I tried both clearing the ARP and pinging host 8.8.8.8 from CLI but not responding.

L3 Networker

Hello @Dars_Em 

Here's what I recommend:

  • Configure the assigned IP on a laptop and connect it to the new ISP. If you can't get internet access, there might be an issue with the ISP.
  • Perform a traceroute with the firewall connected, and then with the laptop connected, to see where the packet is getting stuck.

 

Regards

Jorge Pomachagua
PCNSE, PCNSC.

L2 Linker

I still strongly recommend a packet capture being setup on your untrust / WAN interface. Food for thought - if you changed ISP to a different provider then you may need to account for something such as MTU on the WAN interface. 

  • 439 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!