Does enabling "No direct accesss to local network" kill the active connection to local resources after connecting to the GlobalProtect?

Does enabling "No direct accesss to local network" kill the active connection to local resources after connecting to the GlobalProtect?

4011

Created On 01/19/23 15:32 PM - Last Modified 10/25/24 19:51 PM

GlobalProtect Agent

GlobalProtect App

GlobalProtect Gateway

GlobalProtect Portal

GlobalProtect

Question

Does enabling "No direct access to local network" kill the active connection to local resources after connecting to the GlobalProtect?

Environment

GlobalProtect Portal and Gateway
Supported PAN-OS
No direct access to local network enabled

Answer

"No direct access to local network" was implemented by manipulating routes.
Enabling it does not kill the active connection to local resources after connecting to the GlobalProtect.

Additional Information

To kill the existing active connections, Use the Endpoint traffic policy enforcement feature which was introduced in GP version 6.0.

screenshot for end point traffic policy enforcement config