09-20-2012 05:43 PM
Hi
I've just rolled out the Global Protect client (version 1.1.6) to some contractors that need remote access to our network. I've got it setup as follows:
Portal config - Client Configuration
Options:- On Demand
Agent: Enable advanced view - true
User can save password - true
Passcode - blank
Confirm - blank
Agent User Override - with comment
Agent User Override Timeout - 0
Max Agent User Overrides - 0
Display welcome page - false
Welcome Page - none
Agent Conf: Allow user to manually rediscover network location - true
Allow user to manually resubmit host information - true
I'm not doing any HIPs stuff.
What I need to happen is that the consultant launchs the agent when they need to connect and then shutdown the agent when they have finished using it. At the moment the agent runs everytime the PC starts and you can't close it once its running (the disable option is greyed out). I thought that enabling the Agent User Override option to "with comment" that they'd be able to shut the agent down.
Is it possible to stop the agent from running all the time and what could I have done wrong that means the agent can't be shutdown once its running?
Any help would be appreciated.
Cheers
Alan
The actual VPN connection is working great and everything seems to be working except this one last little issue.
Anyone got any thoughts?
Cheers
Alan
09-20-2012 06:17 PM
Did you restart the gp service on the client after making the changes to option "agent user override" on the firewall. For the changes to take effect we need to reconnect to portal and download the new settings on to the client.
09-20-2012 06:55 PM
Hi thanks for the reply
I've restarted the laptop several times and I've created a test client config to try and resolve my issues with so I don't effect current users. I've confirmed in the logs that I'm getting the new policy. Still not able to disable the client.
I've just made a change to the policy by setting the "Display welcome page" to factory default (previously it wasn't set) and restarting my test laptop. Now connecting the client I get the welcome page pop up so I know its got the right config. Still no disable option.
Weird. Any other thoughts.
Cheers
Alan
09-20-2012 07:06 PM
Hi
I've just noticed something else. In the Client Config I've got set "allow user to manually rediscover network location" and the option is greyed out in the client as well.
I've also set the Agent User Override to "with-passcode" and entered a passcode but thats made no difference either.
Cheers
Alan
09-20-2012 07:07 PM
Hi, I have tried this in my lab. Where I have the "agent override option" disabled and then I have later enabled this and restarted the gp client service but the client did not take the change and never gave the option to disable the client. This behavior is not expected can you please open a ticket with support.
'
09-23-2012 09:08 PM
Hi sdurga
Many thanks for taking the time to test this out. I'm contacting our Premium Support partner now.
Cheers
Alan
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
