You can now configure gateway-level IP pools to assign
IP addresses to all endpoints that connect to the GlobalProtect
: PAN-OS® 8.1 and later
GlobalProtect gateways now support gateway-level IP pools that
enable you to assign IPv4 or IPv6 addresses to all endpoints that
connect to the gateway. This enhancement simplifies gateway configuration
by allowing you to define a global IP pool for the entire gateway
instead of requiring separate IP pools for each client setting within the
gateway configuration. GlobalProtect previously supported IP pool
configuration at only the client-level.
must configure IP pools at only the gateway-level (
Client IP Pool
or only the client-level (
the following steps to configure a gateway-level IP pool for a GlobalProtect
When the tunnel settings become editable, configure
the tunnel parameters for the gateway.
Configure the global IP pool used to assign IPv4 or IPv6
addresses to the virtual network adapters on all endpoints that
connect to the gateway.
IP address subnet/range or address object that you want to use to
assign IPv4 or IPv6 addresses to all endpoints that connect to the
gateway. To ensure proper routing back to the gateway, you must
use a different range of IP addresses from those assigned to existing
IP pools on the gateway (if applicable) and to the endpoints that
are physically connected to your LAN. We recommend that you use
a private IP addressing scheme.