This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About tyates
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About tyates
10-11-2022
2Posts
0Likes
0Solutions
Oct 11, 2022Last Visited
User
Activity
User
Profile
Latest posts by tyates
| Subject | Views | Posted |
|---|---|---|
| 955 | 11-01-2021 12:23 PM | |
| 4218 | 08-19-2021 07:05 AM |
User Badges
Community Statistics
| Member Since | 02-19-2013 08:41 AM |
| Date Last Visited | 10-11-2022 03:10 PM |
| Posts | 2 |
11-01-2021
12:23 PM
We have regional Portals/Gateways in both EMEA and APAC. The requirement is to have split tunneling disabled. However, we want to guard against a users in one country connecting to the VPN gateway in another country and requesting a public resource (Google.com for example) and having that page returned in the wrong language. Because the DNS request would traverse the VPN tunnel to a different country, the recursive lookup would be from the country hosting the gateway and would likely return the site in that countries language. This is a non-issue for the US but a problem in APAC and EMEA. As such, is there a way with GlobalProtect to allow split DNS without enabling split tunneling.
... View more
08-19-2021
07:05 AM
I too am having a similar issue. Setup a new portal/gateway with SAML auth. Want to do a HIP check for a valid machine certificate but not looking to do pre-logon. Machine Certificate is loaded in the Local Computer\Personal\Certifcates store per Palo instructions. Subject shows machine name. our domain.com. Problem is, when I open the GP Client GlobalProtect Settings and go to the Host Profile tab, all I see is the word "certificate" at the bottom of the left window with no information in the right window about the cert. As such, it is not sending it to the portal during the HIP submission process. Any thoughts as to why the GP client is not seeing the certificate info. Oddly, in the PanGPS.log file on the client, it says it found the machine cert in the machine store. Has the correct hash etc. Just is not passing it up to the portal. Any help would be appreciated.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-11-2022
03:10 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks