Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
Palo Alto Networks Support for Null Routes - Knowledge Base - Palo Alto Networks

Palo Alto Networks Support for Null Routes

52667
Created On 09/25/18 19:54 PM - Last Modified 08/05/19 20:36 PM


Resolution


Overview

A null route (blackhole route) is a network route (routing table entry) that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a kind of very limited firewall. The act of using null routes is often called blackhole filtering. There is no Null interface as such on the Palo Alto firewalls, that can be used to point the routes out to, something like:

set route 10.251.240.0/21 interface null preference 250

Workaround

Create an unnumbered dummy tunnel interface (tunnel interface with out an IP) and point the route on that interface, with the next hop option selected as "none".

ss1.png

owner: kprakash
Other users also viewed:
How to download GlobalProtect from the Customer Support Portal
Download and Install the GlobalProtect App for Windows
Resource List: GlobalProtect Configuring and Troubleshooting
PAN-OS Software Updates
Where to find the current preferred software versions? (PAN-OS, GlobalProtect, User-ID Agent, Plugins)
Results 1-5 of 238,860
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clh9CAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language