Global Protect Multiple URLS for Internal and External users

Reply
Highlighted
L2 Linker

Global Protect Multiple URLS for Internal and External users

Hello team ,

 

I have a  GP cluster Gateway and Portal .

 

Currently we are using a single URL   : vpn.abc.com   for both Internal and External users .

 

Now we want to use another URL for External :   Partner.abc.com

 

so do we need to create a new Portal and Gateway ?   Remember we will still be using the same Public IP address which is for Internal users 

 

because partner.abc.com comes from same path / It us just that Host DNS will be changed for URL 

 

So do we need :

 

2 Portal  - One for Internal and One for External -with different loopbacks 

2 Gateways - with different loopbacks 

Highlighted
Cyber Elite

@FWPalolearner,

Lets back up a little bit first. What are you actually trying to achieve with this configuration?

Are you just trying to get the external users a different FQDN to use? Do you want to isolate the Partners from your normal users? Are you trying to drop your partners into a different security zone? 

 

What you are describing is an incredibly easy way to spin up an isolated instance for your partners. That might not actually be needed though depending on what you are actually looking to do. 

Highlighted
L2 Linker

@BPry  Thanks for replying and providing feedback

 requirement  is to have a separate GP Portal ( URL) for Partners- using the same Public IP (

There is only 1 Public IP address)

 

which is currently being used /

For eg : currently the URL being used for GP Portal and GP gateway  is   vpn.customer.be  ( common for all)

 

The requirement is to have to different URLS

Vpn.external.customer.be

Vpn .internal.customer.be

 

currently a single GP subnet 192.168.10.0/24 is being used by both internal and external

Goal is 

When External user logs in to external URL ; He gets IP from 192.168.1.0/26  with a new External_VPN Zone

When Internal user logs in to external URL ; He gets IP from 192.168.1.128/2  with a new Internal_VPN Zone

 

In this case do we have to create a new GP Portal with new loopback interface and new GP Gateway with new loopback is needed ?

Highlighted
L2 Linker

Corrections from my previous post

 

When External user logs in to external URL ; He gets IP from 192.168.10.0/26  with a new External_VPN Zone

When Internal user logs in to external URL ; He gets IP from 192.168.10.128/26  with a new Internal_VPN Zone

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!