The firewall uses the management (MGT)
interface by default to access external services, such as DNS servers,
external authentication servers, Palo Alto Networks
®
services such
as software, URL updates, licenses and AutoFocus. An alternative
to using the MGT interface is to configure a data port (a regular interface)
to access these services. The path from the interface to the service
on a server is known as a
service route. The service
packets exit the firewall on the port assigned for the external service
and the server sends its response to the configured source interface
and source IP address.