Dear community,
I work with Palo Alto Networks firewalls and Checkpoint.
Today, I was wondering, why I'm unable to get a cpuse connections from Gaia R77.30.
After a short troubleshooting I found out, that some domain servers where unreachable from management interface.
Policywise, everything sourced from checkpoint ips should be allowed, nonetheless, I'm unable to ping the dns servers from a few ip addresses.
After changing the management interface to a ip, where the dns-servers can be reached, dns works.
Updates are still failing, but due to a broken Smartlog server, I'm unable to see any logs.
That's my story, now the question:
With Palo Alto, you can define service routes, to say: "DNS is sourced from Ethernet 1/1 with IP w.x.y.z"
"Updates are sourced from MGMT Interface" and so on.
How is this with Checkpoint? Which interface is used for doing Radius, SSH, DNS, NTP, Pings etc?
Where can I configure this?