Global Protect - Internal Detect - WIFI/LAN

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Global Protect - Internal Detect - WIFI/LAN

L1 Bithead

hello

 

I am testing our rollout of mobile user vpn with pre-logon and always on

currently we are on-prem with on-demand so its complete change in user experience

 

but with one of out test users we found today when they are at home using they are using a device that displays company wifi so they connect to this and they are detected as internal which is good

this use then comes to the office (most likely just closing the laptop lid) and docks their laptop so this moves to cable - when this happens the internet detect fails - the DNS query is successful but it seems to still connect to the portal and then the user is treated as if they are external and receive their MFA logon

 

if they refresh connection it then changes to internal - yes this is a repair but not something I can share out to 4000+ users as a workaround without negative feedback

 

I caught the end of a forum post which said: 

FYI. be aware that if you are testing by switching from wifi to LAN then internal detection will not work and you will need to refresh the GP client manually for this to happen.
 
is this something fixed in another release compared to GP version 5.1.8?
1 REPLY 1

L0 Member

Have a look at Automatic Restoration of VPN Connection Timeout setting here:

https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/globalprotect/network-global...

 

You can try to set Automatic Restoration of VPN Connection Timeout to 0

  • 2361 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!