11-25-2024 08:45 PM
Hi Guys,
I am newbie with PAN world. My Company don't use VPN. And I just want to disable VPN service. I my PA i see Portals and Gateway have been config.
- Portals: I already disable login page
- Gateways: Don't change anything.
My way to disable VPN is right or wrong. Do I need to remove all setting on Portal and Gateways to make sure VPN already off? Because I just disable the portal login page.
Current setting my PA.
Hope guys can help me. Thank a lot and have a nice day.
11-25-2024 11:01 PM
Hi @S.Nguyen216298 ,
Welcome! Do you foresee yourself reenabling VPN access in the near future? If so, disabling the portal as you have configured works just fine. If your looking to have GlobalProtect disabled for a longer period of time, be aware that disabling the portal doesn't stop GlobalProtect Agents' access to the portal. In order to do that, you can disable the security policy that is responsible for access to your portal/gateway. You could also remove DNS entry for your portal as well to save on your SSL cert.
12-04-2024 09:43 PM
Hi,
If you dont use VPN gateway you can simply remove the configuration from the firewalls that way there will be no listening IP:port on the firewall.
11-25-2024 11:01 PM
Hi @S.Nguyen216298 ,
Welcome! Do you foresee yourself reenabling VPN access in the near future? If so, disabling the portal as you have configured works just fine. If your looking to have GlobalProtect disabled for a longer period of time, be aware that disabling the portal doesn't stop GlobalProtect Agents' access to the portal. In order to do that, you can disable the security policy that is responsible for access to your portal/gateway. You could also remove DNS entry for your portal as well to save on your SSL cert.
11-25-2024 11:06 PM
Thanks, JayGolf,
Because it is setup by old guys, and as a newbie can you show some pic example how to check and identify "the security policy that is responsible for access to your portal/gateway". It will be very helpful for me.
11-26-2024 08:29 AM
My pleasure @S.Nguyen216298 ! I shall send you a PM so we can exchange config details.
12-04-2024 09:43 PM
Hi,
If you dont use VPN gateway you can simply remove the configuration from the firewalls that way there will be no listening IP:port on the firewall.
12-05-2024 12:35 AM
Hi Guys,
Thank you for the helping, now I already fix the problem.
Because my Company don't use VPN anymore, so I remove gateway config to stop. follow @arusharma way.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
