GlobalProtect App Settings and Multiple environments.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

GlobalProtect App Settings and Multiple environments.

L0 Member

Hi all,

 

We've configured a few app settings for GlobalProtect and my assumption is, that when you make a connection to VPN, your client will pull down these app settings.  

 

However, if you connect to another VPN (another environment) with different app settings, how do they reconcile? What settings take precedence ?

 

Thanks

1 accepted solution

Accepted Solutions

Hi @SethEfrat ,

In general establishing VPN connection with GlobalProtect perform two separate actions:

- First GlobalProtect agent will connect GP portal to get agent settings. Part of these settings are which GP gateways agent needs to connect and the rest is behaviour of the agent itself, the app settings you are refering

- Second GP agent will connect to the GP gateways received from the portal and establish connection.

 

If GP agent connects to another portal it will get settings from that portal and completely override evertything else and start using what ever is being provided by the GP portal to which GP agent is now connected, including gateway list and app settings.

 

This could be tricky, because if you connect to another portal that forbits user from switching GP portals  ("Allow User to Change Portal Address" set to no), there is no easy way for end user to connect back to previous portal - because the latest connected portal no longer allow you switch.

View solution in original post

1 REPLY 1

Hi @SethEfrat ,

In general establishing VPN connection with GlobalProtect perform two separate actions:

- First GlobalProtect agent will connect GP portal to get agent settings. Part of these settings are which GP gateways agent needs to connect and the rest is behaviour of the agent itself, the app settings you are refering

- Second GP agent will connect to the GP gateways received from the portal and establish connection.

 

If GP agent connects to another portal it will get settings from that portal and completely override evertything else and start using what ever is being provided by the GP portal to which GP agent is now connected, including gateway list and app settings.

 

This could be tricky, because if you connect to another portal that forbits user from switching GP portals  ("Allow User to Change Portal Address" set to no), there is no easy way for end user to connect back to previous portal - because the latest connected portal no longer allow you switch.

  • 1 accepted solution
  • 515 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!