This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Question about Service Route Configuration

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Question about Service Route Configuration

Cmaddox
L0 Member

‎04-17-2020 04:58 PM

I just inherited a PA-820 and know nothing about this device.  It's unable to connect to the cloud for updates.  Currently it's service route is set as the default (Management Interface).  I was told by support to switch it to an untrusted interface to resolve this.  I can see how that is done via this article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGJCA0

 

My question: Is the Service Route strictly for device management and updates?  Because I don't know anything about this device, I certainly don't want to screw anything up by making this change.  Is there any risk to doing this?

 

Thanks!  

0 Likes Likes
2 REPLIES 2

SutareMayur
L6 Presenter

‎04-17-2020 10:31 PM - edited ‎04-17-2020 10:41 PM

@Cmaddox ,

 

Service Route is for routing specific traffic from any other interface as per requirement. By default, it uses management interface. Now services like NTP, Syslogs, SNMP Palo alto updates etc are listed under service Route config. Now in your case, you want to do service route changes for Palo Alto updates, you can just select particular settings for this, and select any other interface and it's associated IP address and Ok. Then commit.

 

Once you commit, palo alto updates request will go from the newly configured interface instead of management interface. And this is applicable for only Palo Alto updates as you have made changes for this service only. All other will go via default i.e. management interface.

 

Hope it helps!

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

MP18
Cyber Elite
Cyber Elite
In response to SutareMayur

‎04-18-2020 10:12 PM

In addition to what Mayur said 

Also verify that DNS server and update server is configured under device, setup and services.

MP

Help the community: Like helpful comments and mark solutions.
  • 2775 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks