Global Protect 8.1 - Building Clientless VPN but stuck on DNS-Proxy Setup

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Global Protect 8.1 - Building Clientless VPN but stuck on DNS-Proxy Setup

L1 Bithead

I am starting to build a clientless vpn setup, but I am getting errors when building a DNS Proxy and DNS Server Profile. 

I get this error msg. I tried ethernet, tunnels and loopback interfaces and they all failed. I tried following the instructions but i get the same error message. Does it matter if use the a loopback or tunnel interface? all of them are set for "layer 3". not sure why its calling it "invalid". 

 

Details:

Validation Error:

dns-proxy -> DNS-Proxy -> interface 'loopback.998' is not a valid reference

dns-proxy -> DNS-Proxy -> interface is invalid

No DNS default obj found

(Module: dnsproxyd)

Commit Failed. 

 

https://docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/globalprotect-clientless-vpn...

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/networking/dns/configure-a-dns-proxy-objec...

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/networking/dns/configure-a-dns-server-prof...

4 REPLIES 4

L1 Bithead

btw..I get the error as I commit to Template from Panorama. 

@mypasecure2017,

So from the message that the validation is giving you it would appear that you are attempting to use a loopback interface that doesn't exist. Are you sure that the template actually includes the 'loopback.998' interface that you are trying to use here? 

Yes. I am sure because I ran into similar issues like it and fixed it. But this time with DNS Proxy nothing seems to work regardless which interface I use. I suspect that there is a sync problem between Panorama and the firewall device because I created a tunnel and loopback interface within Panorama but only partial configs was pushed to the firewall device. I am not sure how or where I can go to find what items are synced between Panorama and the firewall.  

  • 4596 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!