Recent Discussions
SDP Users - IPV6
Hi all, We have two users, both located in Germany at the moment for holidays, who can't connect using the Cato SDP client. They get an error about the Device Posture. However, when they switch to a mobile hotspot, it will connect fine, so it's not the device posture checks? The only thing I've noticed is that both clients are getting a IPV6 address from their broadband router. In the Cato Event log I can see their device IP is a 169.254.x.x address when they try and connect and are blocked. I just wanted to check if a IPV6 address could cause an issue like this or if there's some extra config we need to do.
Degraded Sockets in High Availability
I have multiple customers that have a LTE sim card just for the main socket. This will have the sockets identify asymmetric WAN connections causing the DEGRADED alert. What can I do to disable the DEGRADED alarm from the site? could it be possible to disable the interfaces so the asymmetric connections don't show as alarmed?
User group specified reports
We need to schedule a daily report for users who log in from a specific user group. The report should capture all users who have logged in on a daily basis from the identified group. Kindly confirm the feasibility and share the steps or requirements to enable this reporting. Additionally, while exporting the overall users list, the respective user group details should also be included in the report. Kindly confirm the feasibility and share the required steps or prerequisites to enable this.Multiple events are getting as a single log while pulling the events from the CATO using the API
Hi Team, We are using the cato-toolbox and using the cloud RIN, we are fetching the events from the CATO SASE. https://github.com/catonetworks/cato-toolbox/tree/main/eventsfeed With this help we are pulling the events from the CATO using the API and forwarding the events to the HUB Server over the specific port. But when we are pulling it was giving multiple events as a single log. As per our SIEM vendor, they cannot split the event log. So can you please let us know if this can be fixed from your side?Cato Client - manual PoP addressing
Has anyone tried scripting to change the manual pop location so the user can run the script and it will change their client manual pop address to a specific location. Not sure where this detail is stored on windows for the client, regkey or config file? Even a cato cli client with a switch to set it? I tried using fqdns as the pop name and having it resolve to a PoP IP in the hosts file, then using a script to change the hosts file entry to the desired PoP IP.... but the client cant use fqdns as the PoP to connect to :D
Are Clients connecting to PoPs in China and Vietnam still limited to 20Mbps maximum throughput?
Cato KB "Supported Throughput for Cato SDP Clients" states that remote client users connecting to PoPs in China and Vietnam are limited to 20Mbps maximum throughput. Is this still the case? If so, why? Are there plans for this restriction to be lifted in the roadmap? This is a recurring question for customers with distributed footprint across China and Vietnam.Always on VPN and troubleshooting connectivity issues
Hi, I wanted to check if anyone else have experienced issues with the users enabled for Always On when their SDP client can not connect. Ocasionaly we see clients can not connect showing different errors, like username not recognized, can not connect, etc. The problem is that our Zoho Assist remote management software is not available if the user laptop is not connected to Internet which it is not when using Always On. How do you guys provide support in this scenario? What we usually do is first disable Always on policy for that user and then re-install the CAto client using either local admin or service desk user account. The problem is that we need to change the passwords to those accounts after giving out to the user by phone. Basically we just need Zoho Assist client traffic to bypass Cato tunnel, we will be testing split tunnel feature and adding Zoho IPs to bypass. Curious to hear your thoughts. Thanks!
