GUI Access on Public IP

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

GUI Access on Public IP

Cyber Elite
Cyber Elite

I'm setting up a PA-200 for a remote office and was wondering if anyone could tell me how I would restrict the GUI access on the Public IP to solely 1 range of public IP addresses. As it sits now I have access on any device as long as I have the password and username, I'm not sure if that is the normal default or not but it doesn't really sit well with me. Thanks for any help!

1 accepted solution

Accepted Solutions

L6 Presenter

Hi BPry,

 

You can create a management profile and allow specific IP address or subnet. Then apply it to the outside interface. See below:

 

 

 mgmt.PNG

View solution in original post

5 REPLIES 5

L6 Presenter

Hi BPry,

 

You can create a management profile and allow specific IP address or subnet. Then apply it to the outside interface. See below:

 

 

 mgmt.PNG

Thanks! I actually just figured it out, didn't realize that it was allowed for everyone until I realized that my laptop wasn't on the wifi today. 

I have configured 1/1 as untrust layer 3 interface with a public IP connected to home router. My management interface is configured as 192.168.18.100. How do I access the WebGUI of this PA-200 using https://192.168.18.100 from my office which is 10.231.x.x desktop IP. This PA-200 is used as IPsec tunnel from my home to on premise ASA.

L0 Member

Hello, I can access my PA-300 device from internal network with private IP, but can't do it with external IP, the problem is only with HTTPs, SSH works fine

Cyber Elite
Cyber Elite

Hello @BPry ,

The other thing I so is put in a security Policy to only allow access via the whitelisted IP's.

Cheers!

  • 1 accepted solution
  • 8267 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!