09-09-2012 07:45 AM
Hi,
i have configured GP for remote access, and now i want to test connectivity but the problem is when i try to connect with my web browser on https://<pub_ipaddress> i dont get download site for GP client.
One more interesting thing is that i have published this pub_ipaddress and port 443 for mail server. Can this be in the way or else?
I used GP-configuration guide for this is my 1st time.
Settings are:
- tunnel in inside zone - with local ip add
- gp gateway - basic configuration
- portal - basic configuration
- security policy - permited all
- auth - local database
- certificates - created
- i didnt configure ike, ipsec, they are defaults
Thnx,
09-09-2012 11:15 AM
Hi,
Global protect portal page can be accessed only via https on port 443. So if you have another service like a mail server running on the same ip and port combination then you have a conflict and you cannot get both of the services working. You can try the following workaround stated in the below doc where you are using the same public ip address but a different port for the global protect portal. In this situation you will nat u r public ip and a port combination to an internal ip and 443 port combination. So for example if you type https://public_ip:7000 then it will be nat'ed to internal ip and 443 port and you can configure this internal ip as the portal ip in the global protect portal configuration.
https://live.paloaltonetworks.com/docs/DOC-3457
Tx,
Sandeep T
09-09-2012 11:15 AM
Hi,
Global protect portal page can be accessed only via https on port 443. So if you have another service like a mail server running on the same ip and port combination then you have a conflict and you cannot get both of the services working. You can try the following workaround stated in the below doc where you are using the same public ip address but a different port for the global protect portal. In this situation you will nat u r public ip and a port combination to an internal ip and 443 port combination. So for example if you type https://public_ip:7000 then it will be nat'ed to internal ip and 443 port and you can configure this internal ip as the portal ip in the global protect portal configuration.
https://live.paloaltonetworks.com/docs/DOC-3457
Tx,
Sandeep T
09-09-2012 01:25 PM
This document is a lifesaver 
, great job. I managed to download GP client, but now when i try to connect i get not connected msg. I put my credentials and public-p:7000, thed tried public-ip, but nothing hapens.
It is confusing, do you have anything about this?
thanks in advance
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
