Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
About tyates
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About tyates
3 weeks ago
2Posts
0Likes
0Solutions
Jan 06, 2022Last Visited
User
Activity
User
Profile
Latest posts by tyates
| Subject | Views | Posted |
|---|---|---|
| 253 | 11-01-2021 12:23 PM | |
| 974 | 08-19-2021 07:05 AM |
User Badges
Community Statistics
| Member Since | 02-19-2013 08:41 AM |
| Date Last Visited | 3 weeks ago |
| Posts | 2 |
11-01-2021
12:23 PM
We have regional Portals/Gateways in both EMEA and APAC. The requirement is to have split tunneling disabled. However, we want to guard against a users in one country connecting to the VPN gateway in another country and requesting a public resource (Google.com for example) and having that page returned in the wrong language. Because the DNS request would traverse the VPN tunnel to a different country, the recursive lookup would be from the country hosting the gateway and would likely return the site in that countries language. This is a non-issue for the US but a problem in APAC and EMEA. As such, is there a way with GlobalProtect to allow split DNS without enabling split tunneling.
... View more
08-19-2021
07:05 AM
I too am having a similar issue. Setup a new portal/gateway with SAML auth. Want to do a HIP check for a valid machine certificate but not looking to do pre-logon. Machine Certificate is loaded in the Local Computer\Personal\Certifcates store per Palo instructions. Subject shows machine name. our domain.com. Problem is, when I open the GP Client GlobalProtect Settings and go to the Host Profile tab, all I see is the word "certificate" at the bottom of the left window with no information in the right window about the cert. As such, it is not sending it to the portal during the HIP submission process. Any thoughts as to why the GP client is not seeing the certificate info. Oddly, in the PanGPS.log file on the client, it says it found the machine cert in the machine store. Has the correct hash etc. Just is not passing it up to the portal. Any help would be appreciated.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
3 weeks ago
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks
