Making Connections
Cato Professional ServicesHi FlowBeer,
Interesting point! Usually Cato Client would connect to the PoP that is most optimal.
Just to understand better, is there a reason when you mentioned: "change the manual pop location so the user can run the script and it will change their client manual pop address to a specific location"? ___
Cheers
Making ConnectionsHi Michael, delayed response sorry.
Yes the reasoning is the chinese firewall still impacts traffic when a user connects to a chinese PoP and egresses, via Cato internal backbone, on another "out of country/non-China" PoP (eg HK or Tokyo). The only way to avoid being impacted by the chinese gov FW rules is to have the client tunnel built, end to end, directly to the HK/Tokyo PoP.
Staying InvolvedFlowBeer
If I understand what you are wanting to do, then this article may hold some relevance.
Understanding Cato Networking in China – Cato Learning Center
I believe we are not allowed to bypass the "Great Firewall of China" by having either sites or SDP users inside of China use a non-China exit-point.
Cato - please correct me if that understanding is not accurate.
Making ConnectionsThanks Gordon, I want to disassociate this as being a China Issue I am looking to overcome - rather a request to more easily, as an administrator, be able to influence the manual PoP the user on SDP connects to.
At the moment to manually change the SDP PoP the user needs to either not have "on demand" client connection or have always on with the ability to disconnect with the PW to disconnect from the SDP taken from the portal at that time (temp bypass does not let you change the PoP). Once they have disconnected they need to manually put in the PoP IP they wish to connect to.... this is not a favourable option when wanting to make this easy and administrate centrally/via profile.
I can think of a number of scenarios I might be in where I would need to influence the PoP an SDP user or group of users connects to.
