Global Connect - Reverse VPN

AllDay — Thu, 02 Jan 2025 08:38:57 GMT

We have been asked to connect to a customer using GlobalProtect, but are concerned about the possible risk of VPN reverse tunnel.

Is there a control in the software to restrict this and protect our network? (is it even a thing with GlobalProtect?)

Currenty we have no experience with GlobalProtect and have little knowledge of its functionality or limitations.

Re: Global Connect - Reverse VPN

JayGolf — Thu, 09 Jan 2025 06:15:23 GMT

Hi @AllDay ,

Your concern is valid, but GlobalProtect does not inherently allow reverse tunneling unless explicitly misconfigured by the customer. At most, the customer could create policies for their network to reach the GlobalProtect client pool (your machine). Id recommend reaching out to your customer and discussing your concerns. It's also good to ensure you have systems in place to prevent host-based attacks as well as explicitly configure security policies to prevent any unintended traffic flow.

topic Re: Global Connect - Reverse VPN in GlobalProtect Discussions

Global Connect - Reverse VPN

Re: Global Connect - Reverse VPN