06-21-2024 03:31 PM
I'm working on a Global Protect Setup with the following. A single Portal that leads to 2 Gateways one for prelogon users and then the second for users that have signed into their machines. The tunnel renames itself when the user logs into their machine. However it seems the prelogon user is staying connected to the second gateway after the user logs back out of their machine.
The portal has 2 agent configurations,
- Prelogon - Config selection Criteria, users (Prelogon)
- Userlogon - Config selection Criteria, users (Any)
For the user logon portal I was thinking instead of "Any" I would define the usergroup I have mapped in the firewall not sure if that would help.
At a bit of a loss as to why this is happening the way that it is.
Thanks,
06-27-2024 03:43 AM
Hi ,
Please check how the gateway Connection settings are configured; like Login lifetime and Inactivity timeout.
https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-gateways/cust...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
