Does changing GlobalProtect VPN to Always On require reinstalling?

I have about a hundred users remote but they don't always need to VPN. However depending on how long WFH goes, I may need them to VPN for things like WSUS windows updates.

Rather than assume everyone will follow instructions to connect to VPN (I still

Change Global Protect Config when users are connected

Hi Guys,

We have global protect deployed. Portal and Gateway are the same firewall. 

Now if I do any changes on the Gateway, are those changes immediately effective for the connected users as well?

Is there any "profile" that is being pushed to clients

Globalprotect: gateways or satellites?

I'd like to setup a GP environment with a single portal, but two different locations (gateways?) where clients can connect. The documentation talks of gateways and satellites. I'm uncertain of the differences and when you would choose one or the othe

Global Protect fails after some time

GlobalProtect fails mid way after connecting, remote sessions are opened and then suddenly everything stops working. On checking route table though it seems routes get removed. We have tried installing latest version global protect version 5.0 or 5.1

Palo-Alto with Cisco ACI - managed mode

Does Palo Alto support "Managed" mode in Cisco ACI? the documentation only mentions "unmanaged" mode. 

I am trying to deploy VM series firewall with managed mode. 

Ipsec proxy id has exceded

We are getting error when configured ipsec tunnel and the error is that "number of entry has exceeded" in proxy id.

PA-5220

OS-9.0.5

For your information please find attached screenshot.

Missing Zone Assignment

I have an issue where traffic coming in one zone is not being forwarded to the right zone.  It seems the destination zone is not being assigned right when the session is setup.  It seems to be matching the predefined intrazone policy trust-trust.   H

Experience with GlobalProtect during Corona pandemic time

I would like to share issues with GlobalProtect, and what was done to fix it.

QoS with loopback interface
Due to high network load on the Internet line, we wanted to priorize (or limit) some traffic. It took several hours (testing, reading documents,

QSFP+ cable for HSCI, what 3rd party product are you Using?

Hello,

Just curious what cables everyone is using for their HSCI qsfp+ for HA2. My vendor wants to sell me a 10m cable, I dont need 33 feet to span less than 1 :(. Just curious what people are doing prior to using a standard port with 10GB gbics.

Chee

How to Marge 2 ISP Linses

Dears, 

I have 2 ISP lines 

link 30Mb 

link 20Mb

I need to marge  the 2 ISP lines to be 50Mb. I have PA3020

Designing Networks - Access Denied

Hi community,

I'm wondering if it is possible to gain access to the below live community link or is this just for Palo Alto Networks employees?

https://live.paloaltonetworks.com/t5/Internal-Knowledge-Base/Designing-Networks-with-Palo-Alto-Networks-Fi

Rasmgr GlobalProtect

Hi,

We are SNMP monitoring the number of users connected by GlobalProtect Gateway. Sometimes we see how the graph goes to 0 and recover the value some minutes later. No issues were reported by users connected by SSL-VPN.

 So we are investigating if th

Global Protect with Google Authenticator

Hi Everyone, does anybody has ever implementing multi factor authenticator using Google Authenticator?