GlobalProtect Best Practices, Tuning and Resources

แชร์
ฝัง
  • เผยแพร่เมื่อ 17 ธ.ค. 2024

ความคิดเห็น • 14

  • @nsptest4137
    @nsptest4137 3 ปีที่แล้ว +1

    What happens if I dont include 0.0.0.0/0 in my include list and leave it just blank? Shouldnt GP then also route everything I dont exclude through the tunnel? Why do I have to include 0.0.0.0/0 then?

  • @karenmartinez5624
    @karenmartinez5624 3 ปีที่แล้ว

    I'm already using this in USA, but can I use this globalprotec in Mexico? Or IT service needs to do an extra step to use it down there?

    • @netguy73
      @netguy73 ปีที่แล้ว

      of course you don't need to use anything different in Mexico. But you do if you move to China.

  • @5ive762
    @5ive762 ปีที่แล้ว

    Hello we are having issue that the self signed certificate has expired now the user are not able to connect to GP. After reinstalling the Gp client software from the device it worked without warning. Now we have to do this on remaining 1000 of devices is there any workaround or solution. I am aware that we can use third party certificate to resolve. Is there any alternative ways. Thanks

  • @durmustalipoglu386
    @durmustalipoglu386 ปีที่แล้ว

    When I connect, I can see low speed ( normal speed/3) and high ping ( normal ping x 10). How to solve this problem?

  • @Bormanb23
    @Bormanb23 4 ปีที่แล้ว

    Hi, great video, I watched from beginning to end, great stuff! I tried clicking on the hyperlinks in the video but they didn't work :)...just kidding, could you please include those hyperlinks mentioned at the end above in the video description? thanks!

    • @PaloAltoNetworksLiveCommunity
      @PaloAltoNetworksLiveCommunity  4 ปีที่แล้ว

      Please let us know exactly which links are broken, I just tested all of the links in the description, and they all appear to work.
      Regards,
      Joe Delio

  • @RogueDire
    @RogueDire 4 ปีที่แล้ว

    Nice video, could you please point me to a video or article on modifying the GP agent for cases such as MFA with prompts to select authentication types etc. or if you have a video it would be great, thanks!

    • @RAJ27682
      @RAJ27682 2 ปีที่แล้ว +1

      It depends on what MFA vendor are you integrating with GP VPN, for example refer to DUO-duo.com/docs/dag-paloalto#verify-sso

  • @brucebennett321
    @brucebennett321 4 ปีที่แล้ว

    Is it possible to get the file that is referenced in the video so that I do not have to go back through the video and write down the referenced links?

    • @PaloAltoNetworksLiveCommunity
      @PaloAltoNetworksLiveCommunity  4 ปีที่แล้ว

      Please refer to the Q&A from the video here, as most of the questions have been answered.. but if you do not find your answer, please respond and we will try to help.
      th-cam.com/video/p0TCUjZRp44/w-d-xo.html

  • @AlexeyEronko
    @AlexeyEronko 4 ปีที่แล้ว

    My question if why I can't assign /22 pool to several rules / configuration at Agent tab at the same time . I don't care about IP allocation because use User-ID approach for all polices. Why it is not possible ? I don't want to create small pools for every matching rule . Second big question is why I can't add to split tunneling configuration object group which has other object group ? Is this strange limitation for 2020 year .Pulse secure doesn't have such limitation.

    • @davidcumbow7089
      @davidcumbow7089 4 ปีที่แล้ว +1

      Check out step 6 as part of the admin guide below. You can choose to set up a client IP pool at the gateway level which should address your concern. docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/globalprotect-gateways/configure-a-globalprotect-gateway.html#id0687b049-6664-4054-96dc-ba880f8c92c9. Cheers!

    • @AlexeyEronko
      @AlexeyEronko 4 ปีที่แล้ว

      @@davidcumbow7089 Thank you ! Most likely that option is exactly what I need . But at current configuration my Agent->Client Pool is grey-listed.