ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.
I have multiple servers behind a clientless Global Protect VPN Portal and they all work fine apart form the Demisto (Cortex XSOAR) HTTPS, which shows blank page when browsing to it.
The Demisto server works fine when browsing to it directly and all other sites work ok over the Clientless portal . The GP Clientless content package is up to date and I have been testing with security policy allowing any service/application to the Demisto server. I see permitted traffic in logs with packets flowing in both directions. It looks like that the issue is related to the Clientless Content re-write and I followed the content rewrite troubleshooting page, but had I could not find the exact reason for the behaviour and how to fix it. I also could not find anything related to the issue in the Demisto support section.
The blank page could possibly be due to a misconfiguration.
Can you check if you have everything properly configured as in the following admin guide:
+ Check if you have the correct NAT rule, security rules.
+ Check if you have the proper routes to the application.
+ Check if the application host can be resolved by DNS, to confirm this, run the following command via command line:
> show system setting ssl-decrypt dns-cache
I hope this helps. Let us know if you are still experiencing any issues.
@domari We could not see anything misconfigured and we only have issues with the Demisto server. All other appliances seem to work ok behind the Clinetless VPN. If I understand it correct the Clientless VPN portal re-writes the page content and I wonder if this is somehow causing the issue.
I am seeing this as well - my search led me to this post, so I am thinking there is something with Cortex XSOAR that GP Clientless doesn't like. Did you ever find a solution? If not, I am going to raise a case. I tried both with the FQDN and IP address, and the page is blank. If you view the source, you can see that other than the stuff that GP clientless adds, it's all there. It just doesn't display.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!