This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

GlobalProtect IPSec configuration

We have been using GlobalProtect for awhile but I just became aware that none of our clients are connected using IPSec even though the option is checked. I can't see anything being blocked so I am wondering if it is a configuration issue of some kind. Note: we are using loopback interfaces and both the gateway and portal use the same loopback

Resolved! GlobalProtect - Slack split tunnel stopped working for some users

Hello,I have a case open but I thought I would post here in case someone had seen this. Most of our users use GP client 5.2.6. We are going to force an upgrade to 5.2.8 soon. In the mean time we have encouraged people to start upgrading when they have a chance so the whole company isn't force upgraded at once. Most people don't have any is...

GlobalProtect connects, but doesn't download client updates on some MACs

We've setup a 3220 firewall to transparently download and install the GlobalProtect client to our MAC users. Once the client is Activated it gets pushed and installed on most of our user's MACs. About 25% of them though don't update to the new client, but they all connect. The troubleshooting steps I've seen are mostly for testing the client con...

StanG by L0 Member
  • 1640 Views
  • 0 replies
  • 0 Likes

Since Migrating to PA-460 PAN-OS 10.1.3, SMS-message-based multi-factor authentication (MFA) did not display a prompt to enter the authentication code

Since Migrating to PA-460 PAN-OS 10.1.3, from PA-3020 PA-OS 9.1....... SMS-message-based multi-factor authentication (MFA) did not display a prompt to enter the authentication code. PA-3020 with PAN OS 9.1 Firewall forwards incoming Global Protect authentication Request to Microsoft RADIUS Server with NPS extension for Azure, which allows us to...

GlobalProtect SSL error

(P19520-T11728)Dump (1338): 02/09/22 16:16:12:010 SSL_connect: initialization (P19520-T11728)Dump (1338): 02/09/22 16:16:12:010 SSL_connect: write client hello A (P19520-T11728)Dump (1355): 02/09/22 16:16:12:059 SSL_connect:error in SSLv2/v3 read server hello A (P19520-T11728)Debug( 324): 02/09/22 16:16:12:059 SSL connect failed (P19520-T11728)D...

Resolved! Global Protect users cant connect - certificate out of date

Hello, I have over 1000 users and just this week some users (maybe 10) have not been able to connect to Global Protect from home. I worked out its because their ROOTCA has expired under Manage Certificates on their laptop. Its been working for 2 years and every user seems to have different dates. As far as i know the certificate server on-pre...

Resolved! How to generate report for Global Protect versions on endpoint

Hi Palo Alto community, I am new to Global Protect management portal. I have the access to view the firewall and I would like to see what version of Global Protect are all the end users are using. Is there a way for me to generate the up to date report? I would like to confirm that there's no inconsistent version of GP on the devices. Thanks fo...

LuckyLau by L1 Bithead
  • 5719 Views
  • 2 replies
  • 0 Likes

Resolved! Dynamic Updates - GlobalProtect Data File

Hi all,We are running a VM100. Should the GlobalProtect data file be getting regular updates? WildFire and the ThreatDB are working fine, but the last update for the GlobalProtect Data file is November 2020. I believe this is used for HIP information? Cheers,Paul.

pfox001 by L0 Member
  • 6603 Views
  • 3 replies
  • 1 Likes

Possible DNS Issue after GlobalProtect upgrade

Our GlobalProtect firewalls are running version 8.1.15 and another 9.1.4. We allow Split Tunnel, and one firewall has a 0.0.0.0/0 Include Access Route, and the other does not. Both don’t have any Excluded routes. The one firewall (9.1.4) does have a Domain and Application Entry, Excluding *.webex.com and webex.com domain for testing this featur...

What's stored in the GlobalProtect encrypted cookie on the endpoint?

Does anyone know what data is stored in the GlobalProtect authentication cookie?Is it something like a session token, session data unique to that connected VPN session? Would it contain user credential information if it's not a pre-logon setup? I know it can be setup to only be accepted from the original endpoint IP it was issued to, but is ther...

claner by L0 Member
  • 2133 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect immediate gateway-logout after gateway-register, no errors to be found in firewall monitoring

Hi LIVEcommunity, starting yesterday a select few (but increasing) amount of our GlobalProtect users can't establish a connection anymore. I checked the firewall's logs and can't find any hint as to what causes the issues, as most other users seem to be able to connect and work just fine. The GlobalProtect monitoring shows this:Receive TimeStatu...

Global Protect traditional and ADEM

Is Global protect without Prisma ever going to get anything related to what ADEM does for prisma? Would be super nice if some of the features would report back to local FW, or even just hold some information on the client for troubleshooting purposes.

Sec101 by L4 Transporter
  • 1821 Views
  • 0 replies
  • 0 Likes

Multiple Gateways needed due to SAML

Hello folks!Whenever this question is posed, the response is always a question: "Why do you want multiple gateways on the same firewall?". Customer wants to use SAML Idp (Azure MFA) which is fine unless you need a fallback authentication profile since SAML is not supported in an Authentication Sequence. The customer also insists that contractors...

Lutzor by L0 Member
  • 3511 Views
  • 1 replies
  • 1 Likes
  • 2062 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks