05-31-2012 06:41 AM
Hi
I have just setup my Palo but it cant access any of the update servers, i have a security rule which is source trust zone des untrusted
my trusted zone is on a 10.x.x.x range
my un-trusted which connect to the isp router is a 213.x.x.x range,
05-31-2012 07:46 AM
Hi notleyhigh.
PAN device would access update-server using MGT interface is default.
You should check that your MGT that access the internet or look up a DNS server that you configured or connect updates.paloaltonetworks.com.
Thanks.
Regards.
Roh.
05-31-2012 10:33 AM
All the updates by default are through management interface unless you have configured a service route. If you are using the management interface, make sure it can reach the internet and also the DNS can resolve the updates.paloaltonetworks.com.
If you are using a layer 3 data plane interface, make sure it can reach the internet and can also resolve the updates.paloaltonetworks.com. To ensure pings are successful, enable ping using the management profile.
05-31-2012 10:55 AM
Got it fixed now move the management ip to local LAN and point it at the correct gateway.
Thanks
Mark
05-31-2012 01:06 PM
No need to move the management to dataplane.
Instead go to Device -> Setup -> Services and click on Service Route Configuration and change so just the updates goes through that dataplane interface.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
