GlobalProtect Multiple Portal Support

Reply
Highlighted
L1 Bithead

GlobalProtect Multiple Portal Support

I have  GlobalProtect 4.1.3-8 and durning the install I added to portails and there is now a portal selection at the bottom but ater make a connection it is always grey and I see no wat to log out of the current connection.

 

This is on a Windows 7 install so I'm guessing it works in Windows 10 or I'm missing a disconect option someplace. ???

L6 Presenter

Re: GlobalProtect Multiple Portal Support

You may be guessing wrong, i would check the portal app settings on the firewall to see if you are allowed to do what you hope to do.

 

you may be set to always on and denied change portal address, this will overide any previous settings on connection.

L1 Bithead

Re: GlobalProtect Multiple Portal Support

So I’m a user of the client software and need to connect more than one customer and customer A can block me from connecting to customer B or anyone else? I have to uninstall and reinstall to connect another portal? Seems kinda odd. :( Not sure why they would do this as customer A itself has more than one portal for their organization. ???

 

" i would check the portal app settings on the firewall " The Windows firewall? I only have the client.

L6 Presenter

Re: GlobalProtect Multiple Portal Support

" i would check the portal app settings on the firewall " The Windows firewall? I only have the client.

 

no sorry, the palo alto firewall you are connecting to...

the GP settings are under  Device\Network\Portal\Agent\Configs\App

 

we have 6 portals and all are set to deny users changing portal address.(prevent users tamporing)

 

however, our 7th one is for 3rd party support and this allows them to change portals.

 

so perhaps the PA administrator is not aware of the issue he is causing and could create a seperate config on the same portal to allow you to change addresses.

if you need further advice on this then no problem but you of course will not be able to modify the PA settings.

 

Also... it is not uncommon to use a seperate VM for different VPN's.

 

 

L6 Presenter

Re: GlobalProtect Multiple Portal Support

also2.   if you need to connect to other URL's then simply have a reg key on your desktop to change portal in the registry but you will need to restart the PANGps service to swap...

L1 Bithead

Re: GlobalProtect Multiple Portal Support

 

 

Not sure how this stops tampering. I can see an over the top IT department wanting it but not really stopping anything. Oh well.

 

That sounds loads better than keeping a number of VMs going or reinstalling. I do use a VM for my various VPN connections and was hoping to not have to make more.

 

Just search the registry for the portal address?

 

Thanks for the info.

L1 Bithead

Re: GlobalProtect Multiple Portal Support

P.S. I terribly miss Mr. David Robert Jones. :(

 

Aside from enjoying his music, in every interview I saw of him, he seemed like a nice guy.

L6 Presenter

Re: GlobalProtect Multiple Portal Support

HKEY_CURRENT_USER\Software\Palo Alto Networks\GlobalProtect\Settings      

the key is LastUrl

 

 

 

L6 Presenter

Re: GlobalProtect Multiple Portal Support

yeah, big part of my life back in the 70's, my brother was a zillion times more of a fan and i lost him last year so me little piccy is a tribute to him aswell...

 

the tampering thing...

 

we have over 8000 GP users and as soon as they cannot connect (usually wifi issues) they will modify the portal address cos they know best....   this would generate thousands of calls so we tie it down.

 

we also set to "always on" as we do not allow access to any other network apart from ours.

 

this is company policy so i have no say...

 

Laters...

L1 Bithead

Re: GlobalProtect Multiple Portal Support

I had found the portal folders but not that key. Thanks!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!