Explore the Community
Cato Cloud
Cato and SASE discussions and best practices.
API
API questions-and-answers, discussions, and best practices.
Recent Content
Account Access Request's mutation API
Hi everyone, The new account access request method enables us to manage permissions flexibly, but has also complicated the workflow. Manually requesting permissions for multiple support members and order members when an account is created is a significant burden. We are considering whether this could be simplified using the API, but we have not found any relevant commands. Have these been implemented, or being planning? Thank you,
Need help with prelogin Intune deployment
Hello, I need to understand how to get prelogin to work for my environment so users can sign in when off of the network. We are deploying devices from intune using the enrollment status page. So it gets deployed to them, they turn it on and it autopilots from there. The cato sdp client is being deployed with patchmypc and has a script in place with that for the required registry keys. The certificates are being deployed inside of a win32 intune win file with a script to install the certificate. Script for the certificate: yes it is password protected pfx file. (We do not have a certificate authority. (This did work for prelogin on my device.) Import-PfxCertificate -FilePath .\Catoprelogin.pfx -Password (ConvertTo-SecureString -String 'mypassword' -AsPlainText -Force) -CertStoreLocation Cert:\CurrentUser\My All of this was successfully installed, what could I be missing? The certificate is an SSL certificate and I confirmed that it worked prior to the autopilot on my personal work computer without autopiloting it. DOES ANYONE HAVE ADVICE OR SUGGESTIONS ON HOW TO SETUP THE INTUNE AUTOPILOT PROFILE, ENROLLMENT STATUS PAGE, OR ANY OF THE ABOVE TO MAKE THIS WORK? WHETHER IT IS DEPLOYING THE CERT A DIFFERENT WAY OR DEPLOYING THE CERTIFICATE WITH THE CATO CLIENT APPLICATION INSTALL. Thanks,
Cato Client - manual PoP addressing
Has anyone tried scripting to change the manual pop location so the user can run the script and it will change their client manual pop address to a specific location. Not sure where this detail is stored on windows for the client, regkey or config file? Even a cato cli client with a switch to set it? I tried using fqdns as the pop name and having it resolve to a PoP IP in the hosts file, then using a script to change the hosts file entry to the desired PoP IP.... but the client cant use fqdns as the PoP to connect to :D
AI for firewall rules?
I would have expected the Cato AI Assistant to be able to answer relatively simple questions in the account context like "does user x have access to the configured host y over HTTPS" - but that does not appear to be the case. Is the MCP server be able to manage such What-If queries?
Azure S2S to Cato Routing
Hi We have an existing site to site vpn to Azure Gateway which then has a vnet to vnet connection to an Azure Gateway in another region. In that region, that vnet gateway is on a vnet with a peering to the Cato vnet. How do i get Cato to be able to see the site to site subnet? The last vnet before the cato peering is able to see the site to site subnet.Spotify web unable to play music
Hi, We are new to Cato. One issue I just discovered is with the SDP client running and connected to Cato cloud, if I try to play something on Spotify via the web browser, I get error "Spotify can't play this right now". I have tried various browsers, incognito, etc. When I disable the Cato SDP client, refresh the page, then hit the play button, it works. If I enable SDP client, refresh the page, then hit play, it's broken again with the same error above. I can see the Spotify traffic events in Cato CMA. Some events show TCP, TLS and HTTPs. Other events show UDP and QUIC. The action shows 'monitor', so why would this be blocked and prevent music from playing? There may be other apps that are blocked, which we need to make exceptions for, so some advice about troubleshooting this, or making exceptions would be much appreciated. Thanks!
