Globalprotect Portal same IP w/ management interface

cancel
Showing results for 
Search instead for 
Did you mean: 

Globalprotect Portal same IP w/ management interface

Not applicable

Hello,

Before setting up globalprotect portal, I could access the management interface using the public IP externally. Once I configured globalprotect portal for VPN, the IP now directs you to globalprotect welcome login page. Which is normal, cause I remember reading that, and you can access the administrative interface with the same IP and adding a slash "something" on the URL.

Does anyone seem to now what that https://x.x.x.x/"something" is to access the administrative interface cause I can't seem to find it anymore.

Thank you

1 ACCEPTED SOLUTION

Accepted Solutions

L5 Sessionator

The GlobalProtect Portal can be accessed by going to the IP address of the designated interface using https on port 443.

The WebUI on the same interface can be accessed by going to the interface's IP address using https on port 4443.  The port for WebUI management is changed because the tcp/443 socket used by GlobalProtect takes precedence.

For instance, to go to the GlobalProtect Portal: https://192.168.1.1

To go to the web UI on the same interface: 192.168.1.1:4443

If the interface has additional IP addresses where one IP address is completely dedicated to Management another IP address is used for GlobalProtect, the https management of the firewall is still only possible through port 4443.

Additionally,  you can also refer to another work around mentioned in the below document.

https://live.paloaltonetworks.com/docs/DOC-3457#comment-2698

Best regards,

Karthik RP

View solution in original post

5 REPLIES 5

L5 Sessionator

The GlobalProtect Portal can be accessed by going to the IP address of the designated interface using https on port 443.

The WebUI on the same interface can be accessed by going to the interface's IP address using https on port 4443.  The port for WebUI management is changed because the tcp/443 socket used by GlobalProtect takes precedence.

For instance, to go to the GlobalProtect Portal: https://192.168.1.1

To go to the web UI on the same interface: 192.168.1.1:4443

If the interface has additional IP addresses where one IP address is completely dedicated to Management another IP address is used for GlobalProtect, the https management of the firewall is still only possible through port 4443.

Additionally,  you can also refer to another work around mentioned in the below document.

https://live.paloaltonetworks.com/docs/DOC-3457#comment-2698

Best regards,

Karthik RP

View solution in original post

Thank you for your fast reply,

It that was it!

Kind Regards

Hi,

are you sure you typed https ?

Not applicable

thank you all, yes https.

it was policy issue after words.

L1 Bithead

Thank you Kprakash. 443 versus 4443

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!