I recently set up the Clientless VPN feature in PAN-OS 8.0 and I'm having problems with the domain names for the Clientless Apps not resolving. I added a DNS Proxy in the Clientless VPN section of the GlobalProtect Portal that is associated to the GP Portal interface and the interface that's connected to the network where the Clientless App lives. It works if I use the IP Address of the Clientless App instead of the domain name.
Any help please?
Pretty much any issue with 8.0 I would recommend that you contact TAC so that you can verify that you have it configured correct but you can also quickly determine if you are running into a bug on the new 8.0 platform. It could be a simple DNS Proxy misconfiguration, but it could also easily be a bug.
Thanks for the suggestion. I finally got it to work however, I had to create Static Entries in the DNS Proxy in order for it to resolve the domain names. I didn't think I needed to create Static Entries since the Primary & Secondary DNS Server in my DNS Proxy pointed to my Internal DNS Servers that have records for all of the domain names that I included in my Clientless App configuration.
I will create a Support Case just in case this is a bug.
Nice to know that you got it working. Ya, since the Clientless VPN is still technically a 'beta' I would bring up any issues you see going forward with TAC, that gives PA a chance to see if it's a bug that still needs to be fixed.
Same problem on PAN-OS 9.0.8. If I'm not wrong, it worked on some previous releases.
I opened a support case and I'll let you know.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!