I have a requirement where two scenario, Branch office and Head Office.
++Branch office has Sophos firewall and Head office have Palo alto firewall.
++Branch office users are enforced with using Global Protect when they are outside of the organization that is BO(Work From Home). Which the GP will directly connect with HO.
++When the same user is entering the premises that is (LAN) of the Branch Office, since they are entering different network their GP needs to disable automatically since the GP is enforced.
++What could be the possible way that when a user Gets to the Branch office and their GP gets disabled and once they leave the organization GP needs to be enforced. What could be the possibilities.
Share the same here so that it will be helpful for me.
You will want to configure an Internal setting for Global Protect. Also while I'm sure there are reasons, why not just have them VPN in from the branch? This way they are in a zero trust methodology, i.e. they cannot talk directly to each other and the traffic must flow via the PAN.
General page for Global Protect: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClfXCAS
Configure Internal Global Protect policy: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClH1CAK
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!