- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
06-07-2019 01:34 AM
Hey everyone,
I have the following active-passive-HA-scenario:
ethernet1/1: External Interface (vpn termination point)
ethernet1/2: Internal Interface
MGMT: Management-Interface
HA1: HA
HA2: HA
For administrative and monitoring purposes I need access from an external network to the WEB-GUI of both firewall-systems. Because of active-passive-HA, just one firewall is available at the same time. So I thought: Is it possible to establish a IPSec-Tunnel between two firewall to get access to the WEB-GUI:
The ipsec tunnel works fine and I can see hits on the security policy which should allow the traffic from external network to the Management-Interface of the palo alto firewall. But the access via https does not work. 😞
My questions:
- Is it possible to get access from external network via ipsec-tunnel to the Management-Interface of a Palo Alto Firewall?
- Are there other ways to get access from external network via ipsec-tunnel to the WEB-GUI of both firewall-systems?
Thanks in advance