Enforce GlobalProtect Connection for Network Access not enforcing when GP disabled?

Reply
L6 Presenter

Re: Enforce GlobalProtect Connection for Network Access not enforcing when GP disabled?

The pac file needs to be available for internal and external users.   With windows i would prefer the enforce option.  This should be ok if you have internal host detection set correctly.  We only opted for pac file as already in place for other stuff and issues with ios. Ipad.

 

so is you pac file available from outside your lan?

L0 Member

Re: Enforce GlobalProtect Connection for Network Access not enforcing when GP disabled?

Unfortunately, our pac file is only available to internal users

We have tried enforce mode before. But we ran into a lot of issues.

-captive portal

-switch from external to internal network will work for some time but would need to re-authenticate back from external then re-switch to internal

-same issue for those users who click sign out on the GP agent

 

L6 Presenter

Re: Enforce GlobalProtect Connection for Network Access not enforcing when GP disabled?

if only internal then pac file option is not really viable. 

I only have external gateways and no captive portal so life is easy for me.

 

however...   the pac file option will work if you only need it internally.

L7 Applicator

Re: Enforce GlobalProtect Connection for Network Access not enforcing when GP disabled?

@dvmq27 

What version of GP are you using?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!