- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-15-2025 06:01 AM - edited 04-15-2025 06:34 PM
PA-440, OS 10.1.14, Standalone
We just changed the ISP, the static IP in interface (WAN), updated the Virtual Router as well, NAT, PBF, Security Policy was checked, IKE Gateway.
But we couldn't browse the internet. The firewall management GUI is also accessible by the WAN interface Before (from the allowed host), but not now.
If i revert the settings and plug in again the old ISP, it works without problem.
What have I missed?
04-15-2025 11:46 AM
Hello,
If everything works with the old config, then I would say the new ISP is not physically connected to the PAN. Are you using the same interface of the new and old ISP or a different one for each?
Regards,
04-15-2025 11:48 AM
I would recommend double checking the configuration to ensure the correct IP addresses are added where they need to be. The troubleshooting tool is also useful (Device --> Troubleshooting), and taking packet captures on the untrust (WAN) interface can clarify what the firewall is actually seeing. I would need to see screenshots and/or output of the config to troubleshoot further.
04-15-2025 05:58 PM
I'm using the same interface but made sure all the settings of old ISP records were replaced by the new. I also tried using different interface but getting the same situation.
04-16-2025 08:53 AM
Hello @Dars_Em
Have you tried pinging the internet with the IP set on the interface? I'd also recommend clearing the ARP tables, just to be safe.
Regards
04-16-2025 08:56 AM
Hi, I tried both clearing the ARP and pinging host 8.8.8.8 from CLI but not responding.
04-16-2025 08:59 AM
Hello @Dars_Em
Here's what I recommend:
Regards
04-16-2025 09:00 AM
I still strongly recommend a packet capture being setup on your untrust / WAN interface. Food for thought - if you changed ISP to a different provider then you may need to account for something such as MTU on the WAN interface.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!