Rewrite Exclude domain list

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Rewrite Exclude domain list

L1 Bithead

Hi, Tried to rewrite internal domain on clientless vpn prisma SASE, but i cant access it. if didnt rewrite the domain i can access it through clientless vpn. for example i have domain https://trulymagical.com/https/halo.deer.com   but i want to rewrite and exclude domain list to be https://halo.deer.com   only without the gp portal name in front of it. but i got an error i cant access it anymore if i rewrite it. please help me if anyone knows. 

2 REPLIES 2

Cyber Elite
Cyber Elite

As your question is a little bit unclear and I admit that I don't completely understand it I can mention that you need to make certain that Prisma Access also is able to resolve your internal domain halo.deer.com as well.

 

See:

 

DNS for Prisma Access

 

Outside of that the article for clientless vpn on the NGFW is better Configure Clientless VPN than the one for Prisma Access GlobalProtect — Clientless VPN so better review it as well.

 

 

Also you could set your crypto settings to the lowest level as it could be that your origin web uses old TLS just to see if it works and then to harden it. Also use tcpdump on the origin server to see if Prisma access connects to it and if needed check the origin server logs as well.

L3 Networker

@FarrasErdiansyah wrote:

Hi, Tried to rewrite internal domain on clientless vpn prisma SASE, but i cant access it. if didnt rewrite the domain i can access it through clientless vpn. for example i have domain https://trulymagical.com/https/halo.deer.com   but i want to rewrite and exclude domain list to be https://halo.deer.com   only without the gp portal name in front of it. but i got an error i cant access it anymore if i rewrite it. please help me if anyone knows. 


Hello @FarrasErdiansyah , I understand you are trying to rewrite an Internal domain for your clientless VPN in Prisma Access SASE, I believe the warning message you are seeing is expected. Any domain you add to the "Rewrite Exclude Domain List" are excluded from rewrite rules and cannot be rewritten. And paths are not supported in domain names. You can check the step 6 of this documentation: https://docs.paloaltonetworks.com/prisma-access/administration/prisma-access-mobile-users/mobile-use...

 

I hope that answers your questions. 

 

Thank you,

Vickynet. 

  • 1218 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!