Under what circumstance is the use of Internal Portal configuration suggested?

Under what circumstance is the use of Internal Portal configuration suggested?

5196
Created On 12/08/23 20:00 PM - Last Modified 12/18/23 22:49 PM


Question


Under what circumstance is the use of Internal Portal configuration suggested?

Environment


  • Any GlobalProtect App version
  • Any Client OS
  • Any authentication method (SAML, LDAP, Radius)
  • Internal Host Detection
  • Existing GlobalProtect infrastructure configured 

Answer


  1. In some networks, the external portal is not reachable from the internal network due to the routing design or due to firewall not allowing the internal users to connect to the external IP address. This behavior is seen when firewall assumes this is a Land attack behavior.
  2. In the above situation, configuration of Internal Portal is suggested. This Portal must be resolved by internal DNS server.

Additional Information


When the external portal is reachable from the internal network, the GP app can perform seamless authentication when switching from external to internal networks by using internal portal or gateway with different authentication profiles like certificate-based authentication or SSO with LDAP.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008WA8CAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language