- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
I use pre-logon (always on) for our users which works pretty well. One of the goals is to prohibit Internet access without VPN.
Now consider the following situation: People receive a freshly installed notebook (Windows). The GlobalProtect client is installed but it was never configured. In fact, no user logged into Windows so far as the process is automated a lot (thankfully).
How do I get the GP client to connect to the firewall without any user login in order to apply the "Enforce GlobalProtect Connection for Network Access" policy?
we are currently testing imaged devices that connect via pre-logon when posted to users home address... but prior to all this and to date, we use a proxy.pac file that is auto read by browser. it tries to do a reverse lookup internally and if succeeds then proxy is set to "direct" (no proxy), if the internal host is not detected then it adds a false proxy of 220.127.116.11 , which prevents any browsing.
also in the pac file is an exception to allow connections to our portals and gateways, this works well and also good for iPads.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!