This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Multiple URL Global Protect Multiple FQDN

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Multiple URL Global Protect Multiple FQDN

ChrisGapske
L1 Bithead

‎12-11-2019 08:31 AM

We would like to use multiple URL's to access our Palo with Multiple LDAP authentication.

 

portal.company1.com 

LDAP1

 

portal.company2.com

LDAP2

 

portal.company3.com

LDAP3

 

We could also do like 

 

C1.company.com

LDAP1

C2company.com

LDAP2

C3company.com

LDAP3

 

Can anybody guide me to a solution so far support has not been super helpfull. 

 

Another is portal.company 

 

with authentication sequence but that requires more work for the users. 

 

I am a little new to Palo could use help . 

10 REPLIES 10

athalman
L1 Bithead

‎12-11-2019 08:46 AM

I'm looking to do something similar. I have 2 Palo's both with a GP gateways setup and I'm thinking of using DNS roundrobin to hit either one of them using a single Portal URL company.domain. 

 

Not sure if this is the best way to do it or not. But basically i want clients to only have to configure 1 Portal URL on the client and then hit either one of my palo's.

 

 

0 Likes Likes

ChrisGapske
L1 Bithead
In response to athalman

‎12-11-2019 08:51 AM

You really want to do multiple gateways then ?  This is sorta the other way around. 

athalman
L1 Bithead
In response to ChrisGapske

‎12-11-2019 08:56 AM - edited ‎12-11-2019 08:57 AM

Yes since I have 2 egress points in my network, each one with a Palo. In case of fail over or an outage at one location, i want my users to hit the other Palo and still have access to the network. I was hoping to achieve this by using a DNS entry with 2 ips pointing to each one of my Gateways. which would have the same name of course.

 

It's mainly going to be used during maintenance windows/outages really. Either Palo can handle all my VPN connections individually but i'm trying to give the highest VPN availability i can. 

0 Likes Likes

ChrisGapske
L1 Bithead
In response to athalman

‎12-11-2019 09:01 AM

You can do that too. When you use the gateway it allows for that as well as mulitple ip addresses and the client will do the work from there but ... The timeout might be a factor IDk 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks