Skip to content

Commit 9859000

Browse files
authored
Revert "Update-PaloAlto-Connection (#376)" (#378)
This reverts commit de32d50.
1 parent de32d50 commit 9859000

File tree

3 files changed

+69
-11
lines changed

3 files changed

+69
-11
lines changed
Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,61 @@
1+
---
2+
title: Palo Alto Admin Portal
3+
last_reviewed_on: 2024-09-20
4+
review_in: 6 months
5+
weight: 10
6+
---
7+
8+
# <%= current_page.data.title %>
9+
10+
## UK South
11+
12+
You can connect to the Palo VMs via the HMCTS VPN by following the following steps:
13+
14+
### Sandbox
15+
16+
1. Create the NSG rule to allow your IP on port 443. (Example and links to VMs below).
17+
2. Retrieve the url of the Palo VM you want to connect to via the 'Virtual machines' section below.
18+
3. (skip in production which is SSO enabled) Retrieve the admin password from the sandbox key vault:
19+
20+
```bash
21+
az keyvault secret show --vault-name hmcts-infra-dmz-sbox-int --name firewall-password --query value -o tsv
22+
```
23+
24+
4. Use the local account `localadmin` to log in.
25+
26+
#### Sandbox Virtual Machines
27+
28+
- [hmcts-hub-sbox-int-palo-vm-0](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/ea3a8c1e-af9d-4108-bc86-a7e2d267f49c/resourceGroups/hmcts-hub-sbox-int/providers/Microsoft.Compute/virtualMachines/hmcts-hub-sbox-int-palo-vm-0/overview) - https://hmcts-hub-sbox-int-palo-mgmt-0.uksouth.cloudapp.azure.com
29+
- [hmcts-hub-sbox-int-palo-vm-1](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/ea3a8c1e-af9d-4108-bc86-a7e2d267f49c/resourceGroups/hmcts-hub-sbox-int/providers/Microsoft.Compute/virtualMachines/hmcts-hub-sbox-int-palo-vm-1/overview) - https://hmcts-hub-sbox-int-palo-mgmt-1.uksouth.cloudapp.azure.com
30+
31+
### Non-prod
32+
33+
1. Connect to the [HMCTS VPN](https://portal.platform.hmcts.net/).
34+
2. Retrieve the url of the Palo VM you want to connect to via the 'Virtual machines' section below.
35+
3. Retrieve the admin password from the relevant key vault:
36+
37+
```bash
38+
# Non production
39+
az keyvault secret show --vault-name hmcts-infra-dmz-nonprodi --name firewall-password --query value -o tsv
40+
```
41+
42+
4. Use the local account `localadmin`
43+
44+
#### Non-prod virtual machines
45+
46+
- [hmcts-hub-nonprodi-palo-vm-0](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/fb084706-583f-4c9a-bdab-949aac66ba5c/resourceGroups/hmcts-hub-nonprodi/providers/Microsoft.Compute/virtualMachines/hmcts-hub-nonprodi-palo-vm-0/overview) - https://hmcts-hub-nonprodi-palo-mgmt-0.uksouth.cloudapp.azure.com
47+
- [hmcts-hub-nonprodi-palo-vm-1](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/fb084706-583f-4c9a-bdab-949aac66ba5c/resourceGroups/hmcts-hub-nonprodi/providers/Microsoft.Compute/virtualMachines/hmcts-hub-nonprodi-palo-vm-1/overview) - https://hmcts-hub-nonprodi-palo-mgmt-1.uksouth.cloudapp.azure.com
48+
49+
### Production
50+
51+
1. Connect to the [HMCTS VPN](https://portal.platform.hmcts.net/).
52+
2. Retrieve the url of the Palo VM you want to connect to via the 'Virtual machines' section below.
53+
3. Click 'Use Single Sign-On'.
54+
4. Press 'Continue' leaving the first text box prompt empty.
55+
56+
#### Prod Virtual machines
57+
58+
- [hmcts-hub-prod-int-palo-vm-0](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/0978315c-75fe-4ada-9d11-1eb5e0e0b214/resourceGroups/hmcts-hub-prod-int/providers/Microsoft.Compute/virtualMachines/hmcts-hub-prod-int-palo-vm-0/overview) - https://uksouth-prod-palo-0.platform.hmcts.net
59+
- [hmcts-hub-prod-int-palo-vm-1](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/0978315c-75fe-4ada-9d11-1eb5e0e0b214/resourceGroups/hmcts-hub-prod-int/providers/Microsoft.Compute/virtualMachines/hmcts-hub-prod-int-palo-vm-1/overview) - https://uksouth-prod-palo-1.platform.hmcts.net
60+
61+
---

source/network/connecting-palos.html.md.erb

Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,22 +1,18 @@
11
---
22
title: Connecting to a Palo Alto firewall
33
weight: 60
4-
last_reviewed_on: 2025-01-06
4+
last_reviewed_on: 2024-07-12
55
review_in: 6 months
66
---
77

88
# <%= current_page.data.title %>
99

10-
This page provides information on how to connect to a Palo Alto firewall.
10+
### SSO login steps
11+
## UK South
1112

12-
## SSO login steps
13-
Panorama is a centralized management system that provides global visibility and control over multiple Palo Alto Networks next generation firewalls through an easy-to-use web-base interface.
13+
You can connect to the Palo VMs via the HMCTS VPN by following the following steps:
1414

15-
### Prerequisite
16-
- VPN connection via F5
17-
- Active HMCTS or Justice account
18-
19-
### Open Panorama
15+
### Sandbox
2016

2117
1. Connect to the [HMCTS VPN](https://portal.platform.hmcts.net/).
2218
2. Retrieve the url of the Palo VM you want to connect to via the 'Virtual machines' section below.
@@ -40,7 +36,7 @@ Panorama is a centralized management system that provides global visibility and
4036
- [panorama sandbox](https://panorama-sandbox.hmcts.net)
4137
- [panorama production](https://panorama.hmcts.net)
4238

43-
### Access All systems via F5 VPN:
39+
### Access All systems via VPN:
4440

4541
#### Panorama
4642
- [panorama-sbox](https://panorama-sbox-uks-0.sandbox.platform.hmcts.net)
@@ -77,7 +73,7 @@ Panorama is a centralized management system that provides global visibility and
7773
- [hmcts-hub-prod-int-palo-vm-0](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/0978315c-75fe-4ada-9d11-1eb5e0e0b214/resourceGroups/hmcts-hub-prod-int/providers/Microsoft.Compute/virtualMachines/hmcts-hub-prod-int-palo-vm-0/overview)
7874
- [hmcts-hub-prod-int-palo-vm-1](https://portal.azure.com/#@HMCTS.NET/resource/subscriptions/0978315c-75fe-4ada-9d11-1eb5e0e0b214/resourceGroups/hmcts-hub-prod-int/providers/Microsoft.Compute/virtualMachines/hmcts-hub-prod-int-palo-vm-1/overview)
7975

80-
### SSH to PaloAlto VMs
76+
#### SSH to PaloAlto VMs
8177

8278
This needs done from Bastion server and ssh using the private IP from the Virtual machines in Azure. Get the credentials from Key Vault (for example `hmcts-infra-hub-prod-int` for production) for the `firewall-username` and `firewall-password`.
8379

source/network/index.html.md.erb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ weight: 70
2323

2424
## F5
2525

26+
- [Admin Portal](F5AdminPortal.html)
2627
- [User Accounts](accounts.html)
2728
- [Setup access to internal apps](VPN-routing-config.html)
2829
- [Troubleshooting Clients](f5-troubleshooting-clients.html)

0 commit comments

Comments
 (0)