https://live.paloaltonetworks.com/t5/globalprotect-discussions/portal-gateway-cookies/m-p/384296#M890 <P>It depends on your requirement.</P><P>&nbsp;</P><P>i just use generate only on the portal and accept only on the gateways. Lifetime 5 mins.</P><P>&nbsp;</P><P>3 main reasons for me, ensures credentials are required for portal login, reduces AD traffic for LDAP auth and is essential for one time passcodes.</P><P>&nbsp;</P><P>but you can of course use any number of variations between the 2x2 boxes.</P> Sat, 06 Feb 2021 11:06:42 GMT Mick_Ball 2021-02-06T11:06:42Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/portal-gateway-cookies/m-p/384167#M886 <P>I'm having an issue with the wording, I think. When setting up cookies for both portals and gateways do I need to check 4 boxes total? I need to generate the cookies on both the portal and gateway THEN accept the cookies for overrides? Then I can set portal for a few days and cookies acceptance for hours? I always thought the portal sent something to the gateway, but it looks like I do portal cookies and gateways with acceptance?</P><P>&nbsp;</P><P>Thanks!</P> Fri, 05 Feb 2021 17:15:36 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/portal-gateway-cookies/m-p/384167#M886 phinneywill 2021-02-05T17:15:36Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/portal-gateway-cookies/m-p/384296#M890 <P>It depends on your requirement.</P><P>&nbsp;</P><P>i just use generate only on the portal and accept only on the gateways. Lifetime 5 mins.</P><P>&nbsp;</P><P>3 main reasons for me, ensures credentials are required for portal login, reduces AD traffic for LDAP auth and is essential for one time passcodes.</P><P>&nbsp;</P><P>but you can of course use any number of variations between the 2x2 boxes.</P> Sat, 06 Feb 2021 11:06:42 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/portal-gateway-cookies/m-p/384296#M890 Mick_Ball 2021-02-06T11:06:42Z