10-10-2018 05:56 AM
I think we need a bit more context, but typically external.
10-10-2018 06:36 AM - edited 10-11-2018 05:58 AM
External is what I thought. What information do you need? Is there away to verify that it is external?
10-11-2018 08:51 AM - edited 10-11-2018 08:51 AM
Well in general the service GP provides the portal is going to be beyond/external of the internal side of the firewall.
10-11-2018 09:11 AM
you mean most of the time the VPN is going to provide access for people outside of the internal network though be do have a use case of accessing a segrated portion of the internal network using GP , but aside from that one VPN instance most of our VPN users come from the internet/external access
10-11-2018 05:45 PM - edited 10-11-2018 05:48 PM
The VPN portal should be an external IP address or FQDN since the users are located outside, and they use external DNS servers like 8.8.8.8, and TCP/443 is used for communication between GlobalProtect agents and Portals, or GlobalProtect agents and Gateways. Also, UDP/4501 is used for IPSec tunnel connections between the GlobalProtect agents and Gateways.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
