- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-24-2024 11:28 AM
How do I Block MUs that have a back level version of the Global Protect client - in this case 6.2.2(windows and Mac) but not effect the Linux users
08-21-2024 07:43 AM
Hi @Michaeleddinger ,
Apologies but your question is not clear. Can you provide some clarification? What is "MUs"? And what do you mean by "back level version"?
08-21-2024 09:11 AM
MU = Mobile Users and back level version is any person using the global protect client < 6.2.2 version (in the case of the service I provide)
08-21-2024 11:32 PM
Hey @Michaeleddinger ,
Unfortunately GlobalProtect does not really provide a way to block users to connect to the VPN based on host compliancy check.
However you can use the HIP profiles to define host compliancy check, including the version of the GlobalProtect app - HIP Objects General Tab (paloaltonetworks.com)
As mentioned, using HIP user will still be allowed to establish tunnel (after successfull authentication), but once connected GP client will submit a HIP report with host information. With HIP object and HIP profiles, you can create firewall rules matching these users with older version and restrict or completely block their access.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!