Firewall is not accessible after deployment in OCI

Created On 02/13/20 15:52 PM - Last Modified 07/19/22 23:16 PM


Symptom


  • Unable to access the firewall after deployment. The management IP cannot be reached from the internet.
  • Check connectivity from localhost using ping. If the ping succeeds, verify whether the instance is accessible via SSH.
  • Log in to the OCI console and check that the PA-VM has the correct public IP associated with the private IP of the management interface, under the following path:
    Compute > Instances > Click on the FW instance > Verify Public IP under Primary vNIC info

  • Identify the VNIC attached to the PA-VM instance and click the management VNIC.

  • Check the subnet's associated route table by clicking the Subnet and then the Route Table.

  • Once in the subnet, click the associated route table and check its routes.

  • Notice that no routes are configured to route traffic to the internet via the IGW.



Environment


  • Platform: VM-Series Firewall
  • PAN-OS / Plugin Version: ANY
  • Deployment: Any


Cause


  • The route towards the internet via the Internet Gateway (IGW) is missing.


Resolution


  • Configure a default route pointing towards the Internet Gateway.
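
The route-table check from the Symptom steps can also be run against an exported copy of the management subnet's route table. The script below is an added example, not Palo Alto Networks or Oracle code. It assumes the JSON layout of `oci network route-table get` (kebab-case keys under "data") and that Internet Gateway OCIDs start with "ocid1.internetgateway."; it also goes one step beyond the article by flagging a default route that exists but targets something other than an IGW.

```python
import ipaddress
import json

# Constructed sample shaped like `oci network route-table get` output
# (kebab-case keys assumed); the OCIDs are placeholders, not real resources.
SAMPLE = json.loads("""
{"data": {"display-name": "mgmt-rt", "route-rules": [
  {"destination": "10.0.0.0/16", "destination-type": "CIDR_BLOCK",
   "network-entity-id": "ocid1.drg.oc1..exampledrg"}
]}}
""")

IGW_PREFIX = "ocid1.internetgateway."  # assumed OCID resource-type prefix


def default_route_targets(route_table):
    """Return the target OCID of every 0.0.0.0/0 or ::/0 rule in the table."""
    body = route_table.get("data", route_table)
    targets = []
    for rule in body.get("route-rules") or []:
        if rule.get("destination-type", "CIDR_BLOCK") != "CIDR_BLOCK":
            continue  # destination is a service label here, not a CIDR
        try:
            net = ipaddress.ip_network(rule.get("destination") or "", strict=False)
        except ValueError:
            continue  # skip malformed or empty destinations
        if net.prefixlen == 0:
            targets.append(rule.get("network-entity-id") or "")
    return targets


def diagnose(route_table):
    """Classify the management subnet's route table for this symptom."""
    targets = default_route_targets(route_table)
    if not targets:
        return "missing: no default route"
    if any(t.startswith(IGW_PREFIX) for t in targets):
        return "ok: default route via IGW"
    return "wrong target: default route does not point to an IGW"


if __name__ == "__main__":
    print(diagnose(SAMPLE))
```
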


