I've deployed GlobalProtect 4.0.3-31 to my lab machines. When I log in, I get notifications that GlobalProtect is connecting, and then that it is not connected. I'm not panicked because my portal is not available from my internal network. Will switching to an On-Demand configuration make these notifications go away?
if you configure "internal host detection" in the globalprotect app config on the PA, the user icon will just change to a little house, no errors....
its under network/portals/agent/config/gateways
just choose an internal host and its relevant IP address... bingo. we use it for our always on config.
please note that users will need to connect to the portal to get the new config.
we allow access to the portal from our LAN.
only so that users can get the latest config whilst connected to the LAN.
we have 4,500 users with "always on" and "internal host detection" and have had no issues... works well.....
the internal host option will prevent them from connecting to any of your gateway(s). providing the internal host is available.
not sure why PA never gave the option to add 2 or 3 internal hosts for maintenance or similar...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!