GP Portal configurationGP Portal AuthenticationGP Portal Agent configurationAgent Internal Gateway configurationAgent App behavior - always-on
Now connect through the internal gateway:
Reference the GlobalProtect Administrator Guide for any additional help with configuring GlobalProtect:
GlobalProtect Administrator's Guide 8.0 (English)
since newer PAN versions don't have the "On Demand" checkbox, what should we be putting for the Connect Method? Userlogon, prelogon?
The more recent PAN-OS versions, 7.0 and 7.1, introduced significant changes to the GlobalProtect agent setup.
The Connect Method is now in Network > GlobalProtect > Portals > portal config > Agent > Configs > agent config > App
The methods available for selection are now
If you are supporting Windows clients, you can also benefit by select YES for Use Single Sign-on
Do we need to configure External Gateway?
If Yes, Is it possible to to configure without External Gateway?
If No, Can we use different authentication profile for Internal and External Gateway?
As the title of the article indicates, you can set up an internal-only gateway, an external gateway is not mandatory (the external gateway box can be left empty)