Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Products
- Private Access
- CRL Checking with Pre-Login Tunnel
CRL Checking with Pre-Login Tunnel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-14-2023 04:14 AM - edited 07-15-2023 04:21 AM
Hi Everyone,
Am wanting to enable CRL Checking of device certificate for Pre-Login tunnel.
I want to ensure the CRL in the certificate of the connecting NPA client will be available for verification but I'm unsure of the source doing the verification. The docs are not detailed enough.
Where will the CRL Checking request originate? Will it be our management plane or the one of the many NPA Gateway's the client may connect to or some other component (eg. Stitcher)?
Thank you
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2023 01:21 PM
Please see https://docs.netskope.com/en/netskope-help/data-security/netskope-private-access/private-access-faqs....
It is my understanding that the CRL request will originate from the management plane of your tenant. The article above has a link to the support portal which provides the specific IP address(es) per management plane.
Sam Shiflett
Netskope Solution Architect - North America
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2023 01:21 PM
Please see https://docs.netskope.com/en/netskope-help/data-security/netskope-private-access/private-access-faqs....
It is my understanding that the CRL request will originate from the management plane of your tenant. The article above has a link to the support portal which provides the specific IP address(es) per management plane.
Sam Shiflett
Netskope Solution Architect - North America
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-24-2023 06:06 AM
Thanks @sshiflett those IP's listed in the KB you posted are making requests. Just the info I needed!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
-
NPA
45 -
ztna
15 -
private access
14 -
publisher
9 -
Netskope Private Access
7 -
netskope client
6 -
Private App
5 -
NSClient
4 -
Private Apps
3 -
Browser Access
3 -
Re-authentication for Private Apps
3 -
Zero Trust
3 -
MacOS
3 -
SAML
2 -
sso
2 -
Client
2 -
okta
2 -
Private App Discovery
2 -
clientless
2 -
Authentication
2 -
client update
2 -
browser
2 -
DNS Resolver
2 -
AWS
2 -
Network Privete Access
2 -
multi tags for NPA apps
2 -
Config Update
1 -
ps-tip
1 -
fleet
1 -
ipsec
1 -
IDP
1 -
SCCM
1 -
App Discovery
1 -
Policy Hit Count
1 -
Threat Protection
1 -
User Group
1 -
Real-time Policy
1 -
Netskope Endpoint Client
1 -
Prelogon
1 -
PQDN
1 -
best practice
1 -
tunnel
1 -
Azure PaaS
1 -
FQDN
1 -
domain
1 -
Azure AD
1 -
file size
1 -
Support
1 -
Chrome
1 -
jamf
1 -
VPN Client
1 -
EC2
1 -
same access
1 -
Reverse Proxy
1 -
configuration
1 -
Auto Scaling
1 -
Home Office
1 -
Events
1 -
Netskope Agent
1 -
Home Access
1 -
update
1 -
APIv2
1 -
Preference VPN
1 -
DNS over TCP
1 -
Azure
1 -
SSL bypass
1 -
Preference NPA
1 -
install
1 -
Script
1 -
CASB
1 -
multi-user mode
1 -
CIDR
1 -
Automation
1 -
Pre-login
1 -
Best Practices
1 -
overlap
1 -
jumpcloud
1 -
CRL
1 -
NG-SWG
1 -
CIDR Overlap
1 -
traffic steering
1 -
PreLogon Tunnel
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In