11-10-2013 12:16 AM
Dear All,
Hope you are doing well.
I want to access the PaloAlto web portal from the internet. if I type the public IP it will be connected but i want to put a port number that only my team know it and for more security.
Ex: 10.10.10.10 :44443
or is there another way to connect from public IP
11-10-2013 12:41 AM
1>Configure a loopback interface and allow https on this interface through interface management profile.
2>Create a Destination NAT rule to translate the traffic on Public IP + Desired Port (4443) to Loopback IP : port 443.
3>Allow this traffic through security rule
4>Remove the Interface management profile off the Public interface.
HTH,
Ameya
11-14-2013 12:00 AM
Dear Ameya,
thank you for your response.
but i need more info in the NAT rule.
11-14-2013 12:09 AM
You can NAT to management interface(or LAN interface with https management profile enabled)
from untrust zone to untrust zone to destination ip(your public) port XXXX(you want) destionation NAT 10.10.10.10(management ip or LAN interface ip it can be) port 443
from untrust zone to trust zone to destination ip(your public again) port XXXX(you want) allow
This will make you access to your management
you can disable https on your public interface management.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
