unable to access the firewall through both the GUI and CLI modes

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

unable to access the firewall through both the GUI and CLI modes

L1 Bithead

I am unable to access the firewall through both the GUI and CLI modes, but the internet is functioning properly. The firewall gateway is located at 192.168.0.1, and it is reachable via ping.

6 REPLIES 6

L3 Networker

Hi @Y.Rawat135268 ,

 

You may try to connect console to check if you can get into that firewall also may I check if the firewall is managed via Panorama or everything configured locally? If device is managed via panorama you may try to check with switching context. Additionally, as per provided information, looks like you have issue with MP due to that you are not able to access the firewall via GUI or CLI.



Best Regards,
Mohammad Talib

Hello @mshekh,

I added the public IP address to the interface management profile. Since then, the firewall has been inaccessible.

Thanks

 

L3 Networker

Hi @Y.Rawat135268 ,

 

Have you enabled the https and ssh access on interface management profile. If no then you need to access device using console or via Panorama to enable the https / ssh access. Also you can access the device using management interface instead of data interfaces as interface management profile is applicable for data interfaces.

 
 


Best Regards,
Mohammad Talib

Hello @mshekh,

 

Yes, HTTPS and SSH are enabled in the management profile. I tried to access the firewall from the MGMT interface, but it is not accessible. The LAN and MGMT IPs (192.168.0.1) are the same, which may be why it is not accessible.

Thanks

 

Hello @mshekh,

Can I directly connect my laptop to another available interface on the firewall to access it?

Thanks,

Thanks, 

Cyber Elite
Cyber Elite

@mshekh,

The MGMT interface is completely separate from the dataplane so them overlapping wouldn't be an inherent issue for the firewall when it comes to retaining access. That isn't to say having overlapping addresses wouldn't give you routing issues behind the firewall depending on how any connected network is actually configured. Since you don't have access to the firewall through CLI or GUI, you'll need to actually be able to console into it to correct things at this point. While we don't now anything about the network that your firewall is connected to, I would start by just ensuring that you aren't stepping on overlapping addresses so you can rule out routing reaching the firewall.

 

If you're deadset on needing the GUI to correct this issue and aren't comfortable in the CLI through the console port, you would be able to disconnect the MGMT port and directly plug into it with your laptop. Keep in mind that any permitted-ip limitations will still be in play, so if you have that functionality configured your laptop will need to be set to a permitted address to access the firewall at all through this method.

As to your last question, this would only work if you already have the interface configured and have an interface management profile assigned to it. That wouldn't be a standard configuration to have; the best path forward that we can really offer without major risk to your network is correcting the issue through the console port or directly connecting your laptop to the MGMT interface to regain access to the device.

  • 409 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!