What is the GlobalProtect Gateway Selection Process?

What is the GlobalProtect Gateway Selection Process?

64412
Created On 09/25/18 19:21 PM - Last Modified 03/27/24 19:14 PM


Question


What is the GlobalProtect Gateway Selection Process? OR
How does GlobalProtect Gateway selection process work when multiple gateways are configured on a single portal?

Environment


  • GlobalProtect App
  • Supported Versions

Answer


  • If a GlobalProtect portal agent configuration contains more than one gateway, the app attempts to communicate with all gateways listed in its agent configuration.
  • The app uses the priority and response time to determine the gateway to which to connect.
  • The gateway selection varies across different versions of GlobalProtect.
In GlobalProtect app 4.0.2 and earlier releases:
  1. The GlobalProtect app connects to a lower priority gateway only if the response time for the higher priority gateway is greater than the average response time across all gateways.
  2. There is a chance the GP App may not connect to the highest priority gateway due to the response time.
In GlobalProtect app 4.0.3 and later releases,
  1. The GlobalProtect app prioritizes the gateways assigned highest, high, and medium priority ahead of gateways assigned a low or lowest priority regardless of response time.
  2. The GlobalProtect app then appends any gateways assigned a low or lowest priority to the list of gateways.
  3. This ensures that the app first attempts to connect to the gateways that you configure with a higher priority.

This is explained in more detail in the documentation: Gateway Priority In A Multiple Gateway-Configuration

Additional Information



 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kCSArticleDetail?id=kA10g000000ClVz&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkCSArticleDetail

Choose Language