Why is the Prisma Browser Remote Connection app / Privileged Remote Access App is not accessible with "Internal failure connecting to remote server" error?

Why is the Prisma Browser Remote Connection app / Privileged Remote Access App is not accessible with "Internal failure connecting to remote server" error?

1349
Created On 05/23/25 00:23 AM - Last Modified 12/08/25 22:27 PM


Symptom


  • Prisma Browser is being used.
  • When trying to use "Remote Connection App" or "Privileged Remote Access App", error message "Internal failure connecting to remote server" is seen.

Environment


  • Prisma Access(SASE)
  • Supported PAN-OS
  • Prisma Browser 
  • Privileged Remote Access (PRA)

Cause


  • DNS resolution failure for private applications.
  • Remote Connection App or the PRA app is defined with FQDN
  • Mobile User's Gateway's tunnel.1 IP (One of the IP from Mobile User's Client IP Pool), cannot resolve that fqdn,
  • This causes the error as displayed in the screenshot below.

Error message seen on Prisma Browser

 

Resolution


  1. The FQDNs need to be resolved from the Mobile User's Subnet. This subnet is configured in the Strata Cloud Manager under Workflows > Prisma Access Setup > GlobalProtect Infrastructure Settings > Client IP Pool.
  2. If the FQDNs are internal, configure the internal domains and DNS servers. These settings are located under the Client DNS settings.
  3. For a Panorama-managed Prisma Access, the Mobile Users' Client IP pools are configured in the Mobile Users Onboarding > IP Pools section. The DNS servers are configured in the Network Services section.
  4. Refer Set Up GlobalProtect Mobile Users for more details.

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1Ki000000TNFlKAO&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail