This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who rated this post

Access to Web-GUI (on MGMT-Port) via IPSec-Tunnel from external network

GuidoKramer
L0 Member

‎06-07-2019 01:34 AM

Hey everyone,

 

I have the following active-passive-HA-scenario:

 

ethernet1/1: External Interface (vpn termination point)

ethernet1/2: Internal Interface

MGMT: Management-Interface

HA1: HA

HA2: HA

 

For administrative and monitoring purposes I need access from an external network to the WEB-GUI of both firewall-systems. Because of active-passive-HA, just one firewall is available at the same time. So I thought: Is it possible to establish a IPSec-Tunnel between two firewall to get access to the WEB-GUI:

 

The ipsec tunnel works fine and I can see hits on the security policy which should allow the traffic from external network to the Management-Interface of the palo alto firewall. But the access via https does not work. 😞

 

My questions:

- Is it possible to get access from external network via ipsec-tunnel to the Management-Interface of a Palo Alto Firewall?

- Are there other ways to get access from external network via ipsec-tunnel to the WEB-GUI of both firewall-systems?

 

 

Thanks in advance

2 people had this problem.
(1)
Who rated this post
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks