Global protect question

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Global protect question

L4 Transporter
I've seen multiple videos on global protect and need clarification. My first question is do you need to configure a static route on virtual router? Second quezon is to you need to configure NAT? Tutorial I've seen sometimes so these configurations some don't.
1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Hi Clyde

 

Purely technically your device does not need to be configured with a default route nor NAT

 

If your device is set up with appropriate subnet routes or PolicyBasedForwarding to make sure traffic is returned to the appropriate segment, a default gateway can be left blank, although this would be an uncommon setup (most deployments will have a default gateway at least as a form of fallback)

 

If your GP connections will only be allowed access to internal resources (local web-access vs through the gateway), NAT is also not necessary

 

if you could add some details about the deployment you might be considering, we can provide more feedback

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

View solution in original post

2 REPLIES 2

Cyber Elite
Cyber Elite

Hi Clyde

 

Purely technically your device does not need to be configured with a default route nor NAT

 

If your device is set up with appropriate subnet routes or PolicyBasedForwarding to make sure traffic is returned to the appropriate segment, a default gateway can be left blank, although this would be an uncommon setup (most deployments will have a default gateway at least as a form of fallback)

 

If your GP connections will only be allowed access to internal resources (local web-access vs through the gateway), NAT is also not necessary

 

if you could add some details about the deployment you might be considering, we can provide more feedback

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Thank you very much for response. I actaully testing last night for internal only adn it worked great w/o NAT. Thanks for answering my question

  • 1 accepted solution
  • 1943 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!