Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-15-2022 08:14 AM - edited 02-15-2022 08:17 AM
Hi all,
I've tried to assign a static ip address to global protect connection using this kb https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UkxCAE but it doesn't work.
The support says that if we have ldap auth for username/password and radius authentication for 2fa it can't work.
If this method really can't work, I've set the registry key as explained here https://docs.paloaltonetworks.com/globalprotect/4-1/globalprotect-app-new-features/new-features-rele...
But this static ip is defined on the client, so the firewall could have already set this ip to another user.
Is correct to define an ip pool different from the network of the static ip address? It seems working but just to know if anyone has done this configuration before.
For example:
- ip pool 192.168.100.0/24
- fixed ip address 192.168.101.1
I think that
- if a user doesn't have the registry key, it will take an address of the pool 192.168.100.0/24
- if a user has the key set, can take the address set in the registry key without having override problem
Is that correct?
Thanks!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
