Unable to edit DNS server and DNS Suffix configuration on the Global Protect Gateway for Mobile Users on a Panorama.

Unable to edit DNS server and DNS Suffix configuration on the Global Protect Gateway for Mobile Users on a Panorama.

1781
Created On 02/28/25 08:14 AM - Last Modified 05/09/25 02:31 AM


Symptom


  • On Panorama managed Prisma Access:
  • Editing the DNS server and DNS Suffix configuration on the Global Protect Gateway for Mobile Users does not work.
  • GUI Path: Network > GlobalProtect > Gateways > (select gateway name) > Agent > Client Settings > (select config name) > Network Services



 

Environment


  • Panorama managed Prisma Access
  • Cloud Service Plugin: 5.1

Resolution


  1. Use the CLI commands to edit the DNS server and DNS suffix settings.
  2. The command is given below to set the DNS server as 10.0.0.1/32.
admin@Panorama> configure
admin@Panorama# set template Mobile_User_Template config vsys vsys1 global-protect global-protect-gateway GlobalProtect_External_Gateway remote-user-tunnel <gateway-config-name> remote-user-tunnel-configs <gateway-config-name> dns-server 10.0.0.1/32
admin@Panorama# exit
admin@Panorama> show config candidate
...
remote-user-tunnel-configs {
    <gateway-config-name> {
           ...
           retrieve-framed-ip-address no;
           no-direct-access-to-local-network no;
           dns-server 10.0.0.1/32;
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000PRHCCA4&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail