05-15-2025 09:55 AM
We’re using three ISPs (Primary, Secondary, and Tertiary) in our Palo Alto firewall setup:
However, the path monitoring on the secondary interface is down. We've double-checked all settings multiple times but haven't been able to resolve the issue. Every time a failover occurs, the traffic switches to the tertiary interface, and the recovery always reverts to the primary, as the secondary interface's path monitoring remains down.
We’re wondering if we might be overlooking something in the configuration when setting up three ISPs in Palo Alto (since configuring two ISPs is usually more straightforward).
Has anyone faced a similar issue or have any suggestions on how to resolve this? or if the three ISPs redundancy supported this way in palo alto.
Any help would be greatly appreciated!
06-03-2025 07:16 AM
Hi @Jagdeep1 If you are seeing path monitoring for ISP2 is down, did you try to check ping responses manually from desired source IP to configured destination IP to see if you are getting response. You can try this from cli using command ping source x.x.x.x host x.x.x.x . Until there is no response, path monitoring will be DOWN.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
