This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Resolved! Dynamic Updates - GlobalProtect Data File

Hi all,We are running a VM100. Should the GlobalProtect data file be getting regular updates? WildFire and the ThreatDB are working fine, but the last update for the GlobalProtect Data file is November 2020. I believe this is used for HIP information? Cheers,Paul.

pfox001 by L0 Member
  • 6692 Views
  • 3 replies
  • 1 Likes

Possible DNS Issue after GlobalProtect upgrade

Our GlobalProtect firewalls are running version 8.1.15 and another 9.1.4. We allow Split Tunnel, and one firewall has a 0.0.0.0/0 Include Access Route, and the other does not. Both don’t have any Excluded routes. The one firewall (9.1.4) does have a Domain and Application Entry, Excluding *.webex.com and webex.com domain for testing this featur...

What's stored in the GlobalProtect encrypted cookie on the endpoint?

Does anyone know what data is stored in the GlobalProtect authentication cookie?Is it something like a session token, session data unique to that connected VPN session? Would it contain user credential information if it's not a pre-logon setup? I know it can be setup to only be accepted from the original endpoint IP it was issued to, but is ther...

claner by L0 Member
  • 2162 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect immediate gateway-logout after gateway-register, no errors to be found in firewall monitoring

Hi LIVEcommunity, starting yesterday a select few (but increasing) amount of our GlobalProtect users can't establish a connection anymore. I checked the firewall's logs and can't find any hint as to what causes the issues, as most other users seem to be able to connect and work just fine. The GlobalProtect monitoring shows this:Receive TimeStatu...

Global Protect traditional and ADEM

Is Global protect without Prisma ever going to get anything related to what ADEM does for prisma? Would be super nice if some of the features would report back to local FW, or even just hold some information on the client for troubleshooting purposes.

Sec101 by L4 Transporter
  • 1838 Views
  • 0 replies
  • 0 Likes

Multiple Gateways needed due to SAML

Hello folks!Whenever this question is posed, the response is always a question: "Why do you want multiple gateways on the same firewall?". Customer wants to use SAML Idp (Azure MFA) which is fine unless you need a fallback authentication profile since SAML is not supported in an Authentication Sequence. The customer also insists that contractors...

Lutzor by L0 Member
  • 3538 Views
  • 1 replies
  • 1 Likes

Resolved! Global protect will not let me access corporate network at home but works outside of home

Hi, global protect will connect but not access the corporate network at home. However when I travel 5 km away from my house I can connect. However as I get closer to my home i can no longer access the corporate network. It’s seems the area I live in is a dead spot for global protect. Is there anything that can be done about this? I have tried bo...

savreen by L0 Member
  • 7985 Views
  • 3 replies
  • 0 Likes

Different IP on the same GP portal

Hello Guys, I would like to ask if it's possible to move the GP portal to another IP so I can issue a third party certificate for the portal without messing with the original public IP that I have for the GW and Portal. If possible, how could I achive this? I've seen a common solution is to add a loopback interface but there's no documentatio...

Incomplete network connection with Global Protect Over Public WiFi

Hi EveryoneOne of our user is experiencing the issue with GlobalProtect. When the user connect with globalprotect over public WiFi, he can only ping the LDAP server in the network and nothing else. I am wondering what can cause this issue and why the user cannot access the other network resources. Can someone please share your thoughts about thi...

GlobalProtect - Azure AD SAML Integration - Login inconsistent

Hello!We have Azure AD setup and running with the Palo. It works....sort of. The issue. When using Microsoft Edge (chromium/latest version) as the default browser, when global protect goes to connect, the login will just hang on trying. If you click on "click here" after the one of the authentications on the screen, the vpn will authenticate....

Global Protect - PreLogon/SAML with Cert Revocation

Hi All, Does anyone have a Globalprotect PreLogon setup with SAML authentication and CRL enabled? Having issues with this and have it raised with TAC but thought I'd reach out to the community. It's worth noting that we have a parallel setup using LDAP Auth identical to this configuration without Cert Revocation so we know the config is sound. T...

a.jones by L3 Networker
  • 5727 Views
  • 0 replies
  • 0 Likes

Global Protect 2FA O365

Hi All, Quick set of questions? We have a Globalprotect deployment on PreLogon for one of our user sets. Accompanying this we have deployed a separate gateway/Portal for Clientless VPN. Both Authenticating with LDAP. They have requested 2FA for their setup. Is it worth setting up 2FA for an Always On PreLogon setup - I don't think so at all? Pro...

a.jones by L3 Networker
  • 1739 Views
  • 0 replies
  • 0 Likes

Client successfully connects and get's IP but is unable to communicate to remote machine

I managed to get GP VPN setup on my PA220 and get a Windows workstation to connect to it. It gets assigned one of the IP addresses reserved for VPN clients. When I attempt to connect RDP to a remote machines from this VPN client it fails. The VPN client is x.x.x.195 and the target machine is x.x.x.18 in the same subnet. When I check the moni...

rmcrae by L3 Networker
  • 5813 Views
  • 8 replies
  • 0 Likes

VPN connection failure for mobile hotspot

Global Protect VPN worked fine till now with mobile hotspot or wireless dongle. From past 3-4 days, I am not able to connect to the gateway at all. Even the login popup doesn't come up. It works with broadband but not with wireless. Can someone help?GlobalProtect

  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks