Hi @SamirK ,
Currently, no feature to restrict number of connections from a single user. You can follow the document https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClorCAC and filter with username to see the concurrent connections by a single user.
As already written by @Abdul_Razaq , there is no limit of the concurrent connections of a single user. The theoretical max is the max supported vpn connection count of the hardware/vm you are using.
(Quite a while ago I wrote a little script to terminate connections if a user is logged in more than once. So far this is still the only possibility to somehow restrict concurrent connections: https://live.paloaltonetworks.com/t5/general-topics/how-to-limit-concurrent-globalprotect-connection... )
Because I have seen similar issues like SamirK, so for Globalprotect it is not like the issue with an RDP connection where there is only one session and if a script uses another username to connect the firewall will overwrite the connection ip to user mapping (basically having a limit to just one connection per client source ip) ?
Hi @nikoolayy1 ,
No, it is not the same. With the RDP scenario you will have multiple users related to same IP address and instead of keeping both it will override username with the last received.
Having multiple concurrent connections to GlobalProtect for the same user it will create multiple IP addresses related to same username, which is totally fine and all entries will kept. Because each successful login will assing you new IP from the pool.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!