Connected networks do not match across cluster members for Palo Alto Networks


Indeni will identify when two devices are part of a cluster and alert if the networks they are directly connected to do not match.

Remediation Steps

Ensure all of the required ports are configured correctly on all cluster members, including the subnet mask.

How does this work?

This script uses the Palo Alto Networks API to retrieve the current routing table (the equivalent of running "show routing route" in CLI).

Why is this important?

Capture the route entries that are directly connected to the device.

Without Indeni how would you find this?

An administrator would be able to poll this data through SNMP but additional external logic would be required to correlate the connected routes table across cluster members.

