GP with Host detetion and auto-connect

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

GP with Host detetion and auto-connect

L5 Sessionator

Hi,

PA 500 in 5.0.4 and GP client 1.2.3

Would like to be sure, I need GP auto connexion from outside of my network and no GP in my network.

Then configure my external gateway, my internal host detection. It works well.

But short question do I need the GP license for that ? Normally no, just one gateway, no HIP then no license ....

During my test, it seem that despite the iternal host detection, when users are internal, GP try to create the Tunnel connexion .....

Make sens for you ?

v.

1 accepted solution

Accepted Solutions

L6 Presenter

As I know you don't need a license for enforcement.

did you check if internal host ip is a good choice ?

Internal Host Detection

This option is used to determine whether the host is inside or outside of the corporate network. Once this is determined, the agent will connect to the corresponding Gateway.

If “Internal Host Detection” is enabled, the DNS name entered specifies a hostname that can only be reached from internal network and its IP address. The agent performs a reverse lookup on the IP address and if it receives the expected hostname as a response, it will attempt to connect to the gateways in the internal gateway list. If no response is received, the agent will attempt to connect to the external gateways in the external gateway list.

View solution in original post

5 REPLIES 5

L6 Presenter

As I know you don't need a license for enforcement.

did you check if internal host ip is a good choice ?

Internal Host Detection

This option is used to determine whether the host is inside or outside of the corporate network. Once this is determined, the agent will connect to the corresponding Gateway.

If “Internal Host Detection” is enabled, the DNS name entered specifies a hostname that can only be reached from internal network and its IP address. The agent performs a reverse lookup on the IP address and if it receives the expected hostname as a response, it will attempt to connect to the gateways in the internal gateway list. If no response is received, the agent will attempt to connect to the external gateways in the external gateway list.

I add information to panos's reply.

If you need to use internal gateway, you need GP Portal license.

Reference:

L6 Presenter

yes internal gateway needs license

But the case is do you need internal gateway or not

Thx all for your help.

I would like to have auto connect from user's laptop when they are outside of my network.

What's happen if I don't configure host side detection ? When peaple are on my network, GP will try and try and try  ... to connect ?

confirmed ?

V.

when I did not configure host detect, it tried to connect and then stopped(icon) but it was still saying connecting while in LAN.

  • 1 accepted solution
  • 4108 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!