01-03-2015 07:27 AM
I have to be missing something completely logical here. We just deployed our pair of PA-5050's and I am in the process of setting up what I thought was going to be a simple GP VPN for remote management use.
When setting up the gateway and portal, it only gives me the option to use the local trusted interface for that vsys. In prior, smaller scale deployments, I always thought the external untrusted IP went here, but I believe it is unavailable due to the fact it is assigned to a shared gateway.
I attempted to create a static nat with an available IP and NAT it to the internal trusted interface on that vsys that was used in the GP Portal/GW config, however I receive no Global Protect login prompt, just an immediate "no data received" and the GP client errors out immediately.
Am I missing something completely logical and apparent here? I combed through the PAN-OS admin documentation but couldn't find anything addressing these scenario.
Thanks in advance for any thoughts.
01-03-2015 08:57 AM
Figured it out. Missed an IP address within the GP gateway config beneath the interface selection. Knew it was something crazy simple. All good now.
01-03-2015 08:57 AM
Figured it out. Missed an IP address within the GP gateway config beneath the interface selection. Knew it was something crazy simple. All good now.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
