Can traffic steering be used in a Panorama managed Prisma Access deployment to route traffic to certain public websites (like YouTube) through our internal Palo Alto firewall? The documentation on this feature was slim.
Hi,
We have a Global Protect portal available to our users via a public facing URL. Question I have is whether the Palo Alto solution can support multiple portals based on the same URL and interface IP to serve different authentication profiles. Ex
...
Hello. Is there a way to install the Global Protect configuration during the installation? Our PC imaging process installs GP and also adds the portal address but the configuration is not there until a user logs into the PC and then signs into Glo
...
Hello,
I have a question regarding the possibility of a 2 phase VPN connection. Please see below for a description of the scenario.
User A logs in to global protecting when logging on to their PC. I have this part completed using User logon (Always o
...
I am having experience in the global protect agent login window when the user starts logging from the machine. Chinese characters are populating automatically in the GP agent username logging field window, and users have to clear the character to ent
...
Hi All,
I have recently configured a clientless vpn for a customer but the solution needs client certificates for the users to log in with a browser. Is there a way I can make this an authentication only solution with no client certificate requiremen
...
Hi,
Have some users after upgrading to GP 5.1.6 that are getting this error. Has anyone come across this? I've seen it with other DLLs before, but not this specific one. GP seems to be working fine, despite the error
The code execution cannot pro
...
It looks like Global Protect is a hot issue and specifically in combination with prelogon functionality.
We're also having a situation that appears to difficult to explain.
The idea is:
When handing out devices with global protect preinstalled and prec
...
For a browser based web application over a cellular connection, would the Clientless VPN be any more reliable (connection) then using the android client?
I am not able to resolve hostname (mac and Linux only) for users on GPVPN.
Eg. I am in the Data Center LAN and when I try to ping, nslookup or ssh into a VPN user machine via hostname, the name doesn't resolve at all.
Same thing works fine when user
...
Hi,
My name is Anthony, and we are ISP from Montreal, Canada.
It came to my attention that our IP Subnet: 149.115.208.0/20 according to paloalto geo database appears as it is located in USA, whereas ARIN, NIC, maxmind and others state correctly it is s
Our organization has started noticing that every 24 hours (give or take an hour) new connections to our Global Protect VPN service is rejecting new connections to the appliance. We also notice that the portal landing page stops responding and issues
...
We have configured the Azure MFA NPS as a first factor of authentication. I am getting the OTP but in the GP client I am not getting any thing to put that otp.
We have configured Azure MFA NPS extension as a radius server and first factor of authentic
...
We have SAML for GlobalProtect setup and working on our test PA firewall and cannot be used for production.
Our goal is to configure our production firewalls to use SAML for GlobalProtect and limit specific AD groups for testing until we make SAML glo
Hi there,
We've setup our global protect to exclude all video traffic, using this guide: https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/globalprotect-gateways/split-tunnel-traffic-on-globalprotect-gateways/exclude-video-traff
...
OtakarKlier
on:
GlobalProtect client verison branches
TomYoung
on:
Global Protect two MFA prompts for Portal and Gateway
reaper
on:
Global Protect vpn unable to reach internal networks
reaper
on:
Download GlobalProtect ARM64
