https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387272#M943 <P>I created the Pre-Logon method for outside users, The Pre-Logon user use the Cookie authentication and Any user use the Username and password authentication. I don't want any user can login with Cookie because&nbsp;once the employee leaves the company, the ability to connect to the VPN through cookies(that are still in the life time) will bring security risks.</P><P>&nbsp;</P><P>But I found that if the Pre-Logon cookie expired, Pre-Logon will disconnect from then on. I don’t know how to renew the Pre-Logon cookie?</P><P>&nbsp;</P><P>I tried to log in to the GP client again but the Pre-Logon still didn’t work.</P><P>Can I only delete the cookie file manually? Then restart the login GP client to generate a new cookie?</P><P>This is not ideal. Who can give me better attention?&nbsp;</P> Tue, 23 Feb 2021 03:36:53 GMT is_trouser 2021-02-23T03:36:53Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387272#M943 <P>I created the Pre-Logon method for outside users, The Pre-Logon user use the Cookie authentication and Any user use the Username and password authentication. I don't want any user can login with Cookie because&nbsp;once the employee leaves the company, the ability to connect to the VPN through cookies(that are still in the life time) will bring security risks.</P><P>&nbsp;</P><P>But I found that if the Pre-Logon cookie expired, Pre-Logon will disconnect from then on. I don’t know how to renew the Pre-Logon cookie?</P><P>&nbsp;</P><P>I tried to log in to the GP client again but the Pre-Logon still didn’t work.</P><P>Can I only delete the cookie file manually? Then restart the login GP client to generate a new cookie?</P><P>This is not ideal. Who can give me better attention?&nbsp;</P> Tue, 23 Feb 2021 03:36:53 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387272#M943 is_trouser 2021-02-23T03:36:53Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387434#M944 <P>When a certain employee leaves the company, won't you clean their endpoint and uninstall GlobalProtect, which should remove the cookie file.</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 23 Feb 2021 17:52:02 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387434#M944 vathreya 2021-02-23T17:52:02Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387508#M945 <P>Hi, I found the reason. I forgot to set the same cookie lifetime in the Gateway agent configuration. Only set it in Portal.</P><P>So when the Portal's Pre-logon cookie expired, re-login GP agent will not renew the cookie untill the Gateway's Pre-logon cookie expired too.</P><P>&nbsp;</P><P>I just need to set an appropriate cookie lifetime and wait for the cookie to expire naturally after the employee leaves.</P><P>&nbsp;</P><P>Am I right?</P> Wed, 24 Feb 2021 01:02:04 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/globalprotect-how-to-renew-pre-logon-s-cookie-when-it-expired/m-p/387508#M945 is_trouser 2021-02-24T01:02:04Z