Hi Folks, We have following scenario and unsure how to do it. Please let me know your thoughts: We have VM Palo Alto and we are implementing Global Protect. The Global Protect Portal and Gateway would be one and the same VM. We are planning to only have only one VPN link/URL which will be given to our customers. Now, we are planning to create all the users who will access Global Protect VPN to be created as users in PA Local User Database. Now, Customer A has employees a1,a2,a3.. who will access VPN Customer B has employees b1,b2,... Customer C has employees c1,c2,c3... and so on as need grows. Now, Customer A employees can access only 10.1.1.0/24 from our internal network Customer B employees can access only 10.1.2.0/24 from our internal network Customer C employees can access only 10.1.3.0/24 from our internal network How can this be done? 1. Do I need different IP pools per customer? 2. Can users be assigned static IP addresses when they connect to VPN? i.e. each time same address? 3. How can I bind users to customers? Or I dont need to do this? I think I can do this somewhere in Gateway Config under client settings probably. But need your guidance here. Any pointers appreciated. Thanks!
... View more