Recent Discussions
Directed Broadcast?
Short & sweet: can CATO do Directed Broadcast? Yes, it's for WoL between sites.SolvedBrad11 hours agoComet17Views0likes1CommentDHCP option to assign Cisco Wireless Controller
Hi Community, We have some sites that I'm trying to set a DHCP option to assign the controller IP to cisco 9105. I have a vendor rule on the AP's that get DHCP from our Microsoft DHCP servers. Was just curious if anyone has configured an option that works through Cato DHCP? Thank you.22Views0likes1CommentX1700 Sockets running 22.0.19219 breaks HA
More of a caution, over the weekend we upgraded our sockets to 22.0.19219. No issues with our X1500's but sites running X1700's in an HA pair caused us some trouble. The HA keepalive no longer works, which was causing traffic to switch between Primary and Secondary sockets. Both sockets are showing as master. Engineering has discovered the root cause and are working on new version of the firmware, but wanted to let you all know in cause you plan to upgrade soon. Sockets can't reach each other via IP, but both sockets are pingable from other devices on the network.Chris_OT2 months agoComet60Views3likes0CommentsEmail alert when a domain is no longer accessible
We have a custom application configured with a set of FQDNs and a handful of destination IP's. Recently, one of the domains resolved to an IP that wasn't included in the application rule, preventing access to the domain. Is there a way to send an email alert when traffic to an allowed domain no longer makes it through? Something similar to Link Health Rule for destination IPs/Domains?SKoberg2 months agoComet23Views0likes1CommentAuto disabling of "Secured Private Access" when user in office
In Cato, there is "Cato Connectivity Policy" wherein we can either allow "Allow Internet" or "Allow WAN and Internet" or "Block". We have MPLS in our offices and we wants to have only SWG i.e "Allow Internet" when user is in office so that internal applications go through MPLS and only internet traffic goes through Cato but when same user goes out of office than automatically both Internet and WAN traffic should go through the Cato. We had similar arrangement when we were with Netskope. In Netskope, there is a feature called “Enabling Dynamic Steering” [Refer https://docs.netskope.com/en/enabling-dynamic-steering/] wherein we could decide if users is “On-Premise” then what all traffic needs to be steered to Netskope and whether Private access needs to be enabled or not or only internet traffic is need to be steered. Can this be achieved in similar fashion ?107Views0likes7Comments- KCA2 months agoComet92Views0likes6Comments
NAT Settings
Hi all We have 2 regions that are using the same IP address. Our legacy network has NATed the IPs, so there is no IP duplication. We plan to migrate the legacy to CATO and tried to use NAT settings as in the kB, but it's not working. Region 1 (192.168.5.6/24) ⇒CATO ⇒ Azure Region 2(192.168.5.6./24)⇒NAT(10.x.x.x)⇒CATO⇒ Azure We configured NAT in the socket but PING or access to the Azure servers.KCA3 months agoComet53Views0likes1CommentXDR integration with Crowdstrike and SentinelOne
Good day together For XDR there is already the antive EPP from Cato and the API integration for microsoft Defender. At a presentation I once saw 2 more logos from Crowdstrike and SentnelOne. Is there already a release date for this?80Views0likes4CommentsAlways on VPN and troubleshooting connectivity issues
Hi, I wanted to check if anyone else have experienced issues with the users enabled for Always On when their SDP client can not connect. Ocasionaly we see clients can not connect showing different errors, like username not recognized, can not connect, etc. The problem is that our Zoho Assist remote management software is not available if the user laptop is not connected to Internet which it is not when using Always On. How do you guys provide support in this scenario? What we usually do is first disable Always on policy for that user and then re-install the CAto client using either local admin or service desk user account. The problem is that we need to change the passwords to those accounts after giving out to the user by phone. Basically we just need Zoho Assist client traffic to bypass Cato tunnel, we will be testing split tunnel feature and adding Zoho IPs to bypass. Curious to hear your thoughts. Thanks!Andrii3 months agoComet232Views0likes3Comments