Hi Zebust, Assuming you have checked anything upstream that could be preventing the traffic flow and checked the traffic is being NAT'd correctly leaving your network!. Might be worth attempting to use service route configuration and use a data port. https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-a-Service-Route-for-Services-to-Use-a-Dataplane/ta-p/59433 If you have configured L3 data ports, set the service route configuration to use the external Layer3 address to source the service, Traffic should be allowed by default (intrazone allow policy - untrust-to-untrust for example) Normally done for isolated management networks however have had to use this in the past, not sure of the root cause and after updating the firewall, changed back the service route configuration to the mgt port it was successful. Also doing it this way you can see the traffic in the traffic logs, alternatively if you wanted to go further into troubleshooting the management port: https://live.paloaltonetworks.com/t5/Management-Articles/How-To-Packet-Capture-tcpdump-On-Management-Interface/ta-p/55415 Regards, Ben
... View more