Palo Alto GlobalProtect Clientless VPN [2024]

Рет қаралды 4,910

NETSums

Күн бұрын

Пікірлер: 22

@shakarchy 10 ай бұрын

Great Video, Many thanks

@netsums 10 ай бұрын

Glad you enjoyed it! Thank you also for the comment.

@shakarchy 10 ай бұрын

Can you please provide the best approach to configure GP HIP?

@shailendramaheshwari4418 Ай бұрын

please create video to configure laptop in auto pilot mode

@vjysmarty5674 5 ай бұрын

Thanks. Great video. Could you please explain how the NAT is applied by firewall and how to configure it for particularly clientless VPN. In my case the GP-clientless interface has public IP, I want it to be Natted somehow. And is there any way we can assign an IP pool similar to what we assign for client/agent-based VPN? Any help here is much appreciated.

@netsums 4 ай бұрын

Hi, sorry for my late reply. The firewall uses its "closest" interface to the target as the source interface (take a look at minute 16:18). So the firewall does NAT using it's own IP addresses. In your case the connection will be natted, since I suppose your application (target) is not in your outside zone. 🙂 I don't think it's possible to assign an IP pool to clientless VPN, since the firewall uses its own interfaces as source.

@sanjithnimshad764 7 ай бұрын

Good video...If both clientless and client based VPN is enabled on same portal, how do we restrict clientless VPN users from accessing client based VPN?

@netsums 7 ай бұрын

You can restrict the user/user group in each of the connection method. For clientless, in the Application configuration you can add, for example, Active Directory Group A and in the agent configuration (client based) AD Group B.

@sifikelomkhungo7657 7 ай бұрын

Great video thank you, my clientless vpn shows 404 not found, after logging accessing published link. How can I over come this?

@netsums 7 ай бұрын

My first guess would be that your link is not correct. Do you see the correct url in the address bar?

@PaoloDrappo 9 ай бұрын

Hello Ricardo, congratulations for the excellent channel. Could the Captive Portal be used to authenticate and allow access from the Internet to an internal server? I tried to implement the solution in "lab" but the authentication web form is only offered to me if I try to reach the internal server directly. If I try to reach only the "public" interface of the firewall the web form does not appear..

@Shan-ff2wc 7 ай бұрын

I feel very complicated and difficult to use the PA firewall.

@netsums 7 ай бұрын

I agree, it's not easy. But I believe it's because it has a lot of options. After a while you start understanding better why some things are like that and you start finding things easier. :-)

@momensirelkhatim567 10 ай бұрын

Thanks a lot please we need videos for ips vpn with different firewall /proxy id

@netsums 9 ай бұрын

Hi. I'm assuming you mean Site-2-Site. Take a look at this video here: kzbin.info/www/bejne/fYGkf6WDmN-HsJYfeature=shared

@momensirelkhatim567 9 ай бұрын

Thank you, I saw that but I need to do it from two different devices/proxy id fur ex Juniper vs Palo Alto @@netsums

@르브론시몬스 9 ай бұрын

hello what is mean “application URL” ? please

@netsums 9 ай бұрын

Hi, application URL is the URL of your target site or application. In the case of the video, I entered the URL from a web server in my lab.

@supriyochatterjee4095 10 ай бұрын

Dear sir, kindly make videos on how to configure and implement Palo Alto Firewall in VMWARE VMC CLOUD SDDC and AWS in details with details steps and explanations for the same and how to configure NAT and the Palo Alto Firewall Architecture inside a multi cloud environment of VMWARE and AWS together

@netsums 10 ай бұрын

I'll keep it in mind for the next videos, thank you for the suggestion.

@supriyochatterjee4095 10 ай бұрын

@@netsums Thanks Sir

@supriyochatterjee4095 10 ай бұрын

@@netsums Also please kindly make videos on HA configuration in Palo Alto with respect to the AWS and VMWARE VMC CLOUD environment