01-05-2024 08:28 AM
We currently run a pair of Palo Alto 5220's and are in the planning process for moving the VPN services from our Pulse Secure (Ivanti) appliances over to the PA and using Global Protect. On the Pulse appliance, there is an option to allow users to login to a web interface for controlled access to some internal resources if there is no VPN option available to them. Is there a way on the Palo Alto firewall to offer a similar connection to remote users who don't have the option of a VPN? For instance, one use of this is to allow a user to login and then click on web links to internal resources that have to originate from the protected network. This is great for users travelling and not able to connect to the VPN for whatever reason. The connection can be somewhat secured with a Yubikey or some other type of multi-factor authentication. Thoughts? Thank you!
01-05-2024 09:02 AM
That's an easy read! I think this may do the trick. It's pretty simple to setup, and lots of authentication options! Thanks again!
01-05-2024 08:37 AM
Are you referring to a clientless vpn solution? If so you can do a clientless vpn setup in GlobalProtect so a user would login on the webpage/portal and can set specific apps.
01-05-2024 08:43 AM
That may be it! I'll look over the options. Thanks, I really appreciate it. Changing platforms is quite challenging sometimes 🙂
01-05-2024 09:02 AM
That's an easy read! I think this may do the trick. It's pretty simple to setup, and lots of authentication options! Thanks again!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
