Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Remove access */admin page from External port

SOLVED
Go to solution
WorkerBee_
Occasional Contributor
‎03-20-2009 08:29:AM
‎03-20-2009 08:29:AM

Remove access */admin page from External port

How to prevent */admin page from access/display from the external/public interface?

I have disabled the following but I still can access https://x.x.x.x/admin page but I can't login which is part of my config.

How to prevent */admin page from loading when is accessed from External port?

The */admin page should be accessible from Internal Port.

Administrator Authentication Realms>

Admin Users

Administrator sign in ports

[*] Enable administrators to sign in on the Internal Port

[ ] Enable administrators to sign in on the External Port

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Inyoka_
Occasional Contributor
‎03-23-2009 08:17:AM
‎03-23-2009 08:17:AM

Re: Remove access */admin page from External port

Insteadt of */admin you can use [IP of internal Interface]/admin as thje Sign-In URL. If you're using the IVE in a cluster, you then have to create an individual Sign-In URL for every Node IP and the Cluster IP also.

View solution in original post

0 Kudos
4 REPLIES 4
Tessian_
Frequent Contributor
‎03-23-2009 07:52:AM
‎03-23-2009 07:52:AM

Re: Remove access */admin page from External port

You could approach this a different way-- for all your Administrator realms put a Source IP restriction at the realm level. I've never done it before but I'm pretty sure you can give it a subnet, so you'd tell it to allow only 10.0.0.0/8 for example (not sure if that's the right syntax either). The URL would still be open externally, but nobody would be able to log in externally.
0 Kudos
WorkerBee_
Occasional Contributor
‎03-23-2009 07:55:AM
‎03-23-2009 07:55:AM

Re: Remove access */admin page from External port

I have done that already by restricting based on source ip addresses. Since the perimeter router is filtering

RFC 1918 private ip address range, it seems to be safe but it will be better if I can totally deny the /admin page from loading

from the external interface.

0 Kudos
Inyoka_
Occasional Contributor
‎03-23-2009 08:17:AM
‎03-23-2009 08:17:AM

Re: Remove access */admin page from External port

Insteadt of */admin you can use [IP of internal Interface]/admin as thje Sign-In URL. If you're using the IVE in a cluster, you then have to create an individual Sign-In URL for every Node IP and the Cluster IP also.
0 Kudos
WorkerBee_
Occasional Contributor
‎03-23-2009 08:24:AM
‎03-23-2009 08:24:AM

Re: Remove access */admin page from External port

That's what I wanted. <IP Address>/admin instead of */admin will prevent the external interface from loading the /admin page.

Thanks.

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.