Can access management GUI when remoted into web proxy server but not within network or publicly, what does this mean?

Sorry guys, brain barely working today. My Palo firewall's web management page is returning a 404 error when connected to the site's VPN.

But if I remote into the web proxy server I can access it.

I believe this suggests the external DNS isn’t working. Is that right, or what other dumb thing am I missing?

What happens if you access it via incognito mode or a different browser?

Have you cleared cache and cookies?

I would check the mgmt allow list. Is it configured to allow your VPN IP/range?

Are you getting an actual 404 or are your attempts just timing out?

You said you suspected DNS, can you resolve the name…? Ping the address, does it respond?

I’d guess you have an allow list set for the management access; check that first.

Are you accessing the management port, or a management profile with HTTPS that has been assigned to an interface?

Check NAT. If you’re going from Inside zone to Outside zone, you probably have a general NAT policy to change the source IP to that of your Outside interface, so that would be a LAND attack, having the same source and destination IP. You need a No NAT policy with the interface IP as the destination IP.

If you are accessing it from Outside zone to Outside zone, you may have a destination NAT (or bidirectional) rule that is directing traffic to another resource.

Can you SSH to the management interface? If so, drop the TCP MTU to, say, 1200. I’ve seen weird problems in the past where MTU/fragmentation prevents the management interface from loading when traversing a VPN tunnel.

If not, then I’d check DNS as others have stated.

Yeah, like the browser shows a 404 error.

I can ping the site name and the wrp server responds saying the IP responds.

I’ll check the allow list, thank you.