Question about Service Route Configuration

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Question about Service Route Configuration

L0 Member

I just inherited a PA-820 and know nothing about this device.  It's unable to connect to the cloud for updates.  Currently it's service route is set as the default (Management Interface).  I was told by support to switch it to an untrusted interface to resolve this.  I can see how that is done via this article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGJCA0

 

My question: Is the Service Route strictly for device management and updates?  Because I don't know anything about this device, I certainly don't want to screw anything up by making this change.  Is there any risk to doing this?

 

Thanks!  

2 REPLIES 2

L6 Presenter

@Cmaddox ,

 

Service Route is for routing specific traffic from any other interface as per requirement. By default, it uses management interface. Now services like NTP, Syslogs, SNMP Palo alto updates etc are listed under service Route config. Now in your case, you want to do service route changes for Palo Alto updates, you can just select particular settings for this, and select any other interface and it's associated IP address and Ok. Then commit.

 

Once you commit, palo alto updates request will go from the newly configured interface instead of management interface. And this is applicable for only Palo Alto updates as you have made changes for this service only. All other will go via default i.e. management interface.

 

Hope it helps!

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

In addition to what Mayur said 

Also verify that DNS server and update server is configured under device, setup and services.

MP

Help the community: Like helpful comments and mark solutions.
  • 2784 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!