This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
GlobalProtect Always On Issue
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- GlobalProtect Always On Issue
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
GlobalProtect Always On Issue
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-19-2022 03:26 AM - edited 07-19-2022 03:32 AM
I am currently testing GlobalProtect Always on, I have configured to operate at user logon. The issue I am having is that on start-up of my laptop, on my corporate network I am prevented from any network access. If I connect to my public WIFI and connect GlobalProtect and can access my network ok. Reverting back to my corporate network and it then detects I am on my internal network and allows access to the network ok.
If I restart my laptop I faced with the same problem. If the laptop starts on the corporate network GlobalProtect fails to detect its on internal network.
I have configured Internal Host Detection (which is working if GP has connected previously.
It's not usable in this form, am I missing something?
7 REPLIES 7
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-25-2022 02:41 PM
You are required to use an authentication profile on the Portal (user and/or cert). There are a couple was to fudge no authentication after an initial connection (using saved creds/cookies/etc.), but it is a bad idea for obvious reasons. So I haven't put much work into it.
Ideally you want to use a machine or user certificate for the Portal login. That will allow your clients to be transparent in the connecting to the Portal, while protecting you from unauthorized clients download the GP client and/or config off the Portal.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-26-2022 03:26 AM
So I have got myself a little confused with the whole setup.
Originally I had an external portal and gateway. When a user is at home they launch the GP app and are prompted for a username and password to connect - All great.
I have now configured a new Internal Portal and have set the authentication to user name or certificate, but when connecting my laptop to my internal network I get prompted for a username and password.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-26-2022 06:16 AM
So what I am ultimately looking to achieve is. Always on VPN for when the user is offsite outside our network. But when they are back on our network Internal Host Detection kicks without interaction from the user.
I am close to achieving this but I am still required to login even when connected to the internal network - Once logged in it detects the internal network.
Related Content
- Unable to send HTTP Post / crosszoneha in VM-Series in the Private Cloud
- Virtual Adapter was not setup correctly due to a delay (WIN10) in GlobalProtect Discussions
- Issue using MFA in GlobalProtect ) in GlobalProtect Discussions
- AIOps FREE displays no data in AIOps for NGFW Discussions
- ASA migration to PA in General Topics
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks