Global Protect Setup

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Global Protect Setup

L3 Networker

Trying to setup GP for a scenario. One large org, multiple entities/departments that will require different policies, HIP checks, some will be manual connection, some will be always on. 

 

The requirements that we would like to have are:

1 URL for all users to type in a browser to download client if need be, and same URL to be the entry for their client.

I have tried one portal and one gateway with multiple agent configs but the HIP checks are the blockers as it seems you cannot have HIP check messages per agent config or per AD user group. 

How are others achieving this? 

We do not want endpoints that are different, for example, dept1@domain.com, dept2@domain.com

for the GP gateways. 

 

2 REPLIES 2

Cyber Elite
Cyber Elite

You can have 1 portal (so 1 URL / portal address to access).

Different gateway configs are given to users in different AD groups.

Different gateways present different HIP notifications to users.

Principal Architect @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

BUT each gateway requires separate external IP/URL and interface correct?

  • 38 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!