Permitted IP : Documentation wording

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Permitted IP : Documentation wording

L3 Networker

Hi,

In the version 4.0 admin guide , the description for permitted IP address in Device > Setup is as follows.

"Permitted IP Addresses Enter the IPv4 or IPv6 addresses of any external servers that are used to provide updates to the firewall through the management ports."

Maybe its just me , but I got a bit confused because of the term "provides updates" , it made me think that this configration is somehow related to the "Update" server setting within Device > setup (where the firewall downloads updates from),  but it looks like these settings are related management "access" restrictions on the Mangement port.

I would recommened a change in the wording to make it a bit more clear, unless it really has something to receiving "updates".

Regards,

Sunil

1 accepted solution

Accepted Solutions

Sunil

Your understanding of permitted IP is correct. This is list of IP addresses from which management of the FW is allowed. I will get this corrected in the documentation.

Thank you

Jerish

View solution in original post

4 REPLIES 4

L4 Transporter

Sunil,

The default behavior of the PaloAlto is to use the Management IP address as the source for requesting updates, radius and various other communications. However, it is possible to make one of the firewall interfaces  the source using the "Service routes" option.

Steve Krall

Hi Steve,

Thanks for the reply,  I may have not coveyed what I wanted to say accurately, my concern was not aimed at which interfaces handle updates and how we could change the defualt behaviour using service routes. 

My only concern was the wording used to describe what the "Permitted IP" address list does under Device > Setup .

From my understanding this a Management access permit list , where you can define Ip address or ranges from which management access is allowed. but the wording used to describe that in the documentation seems a bit confusing , it tends to hint towards this list being a list of systems from when Updates can be received.

I hope this explains it better.

Regards,

Sunil

Sunil

Your understanding of permitted IP is correct. This is list of IP addresses from which management of the FW is allowed. I will get this corrected in the documentation.

Thank you

Jerish

Thanks Jerish.

Regards,

Sunil

  • 1 accepted solution
  • 2787 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!