Discuss, share, and learn with Cato Networks users. Exchange insights, solve challenges, and get more from your SASE journey.
We are still working out the last of the settings so if you run into any issues or need further assistance, please contact community@catonetworks.com .
Cato and SASE discussions and best practices.
API questions-and-answers, discussions, and best practices.
Start here with any Cato Connect questions! Community guides and information.
Hi, We have a case where the customer wants to use the Always On VPN feature on their Android work phones. AOVPN works correctly, but after enabling it, Android Auto stops working. Do we need to configure Split Tunnel? There is no specific Android Auto option in the Split Tunnel settings. Only “Google Applications” is…
Community Update As of today, we'll be moving into read-only mode and will remain there until Monday, June 22. We're in the process of migrating to our new community home, and this temporary pause will help us make sure that everything is set up for a smooth transition. We're excited about what's ahead and look forward to…
Does anyone configure a private DNS server (Windows DNS server) with the Cato default DNS server? We have a private DNS server to resolve the internal hosts. But I am a bit confused about how I can configure this with Cato DNS? Any leads would be appreciated.
I would like to restrict management access to the Socket Web UI from the LAN. However, in a post from about a year ago, no solution was provided. Is there a way to restrict access to the WebUI? | Cato Connect Has there been any update or new feature introduced that enables this? Thank you.
Users working remotely (home network) are able to successfully access Azure Virtual Desktop (AVD). However, when users are connected via the Site Socket, access to AVD fails. As part of our troubleshooting, we manually configured the client-side DNS settings on a test laptop. With this configuration, DNS resolution…
Hi Cato community, I have encountered an issue where it is not possible to create a IPSec tunnel using the following configurations Site type: IPSecV2 connectionMode: RESPONDER_ONLY identificationType: FQDN Since the IPsec is responder only with FQDN identification, the updateIpsecIkeV2SiteTunnels mutation cannot be used…
Is there any way to use an FQDN as an allow in a Remote Forward Rule?
We need to add around 200 subnets to bypass Cato. My understanding is that they need to be added to all sites under the Site Configuration/Router/Bypass/Destination and for all SDP users via Access/Client Access Control/Split Tunnel policy. We have nearly 90 sites. Manually adding 200 subnets to 90 sites doesn't seem like…
Hi, I’m trying to figure out if it’s possible to create or update NAT Policy Rules for a site using the Cato GraphQL API. I’m using the siteUpdate mutation to modify the natPolicyRules field (adding DNAT rules), but I keep getting a "permission denied" (Code104) error even though my API key should have the right…
When using CATO and navigating the internet through a browser, does CATO support protocols above HTTP1. (HTTP/2 and HTTP/3)? A website a user is trying to use only supports these new protocols, and so when connected to the network it shows him in a slowdown mode I have included the site for reference with a support page…
It looks like you're new here. Sign in or register to get started.
