This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Multiple Gateways needed due to SAML

Hello folks!Whenever this question is posed, the response is always a question: "Why do you want multiple gateways on the same firewall?". Customer wants to use SAML Idp (Azure MFA) which is fine unless you need a fallback authentication profile since SAML is not supported in an Authentication Sequence. The customer also insists that contractors...

Lutzor by L0 Member
  • 3515 Views
  • 1 replies
  • 1 Likes

Resolved! Global protect will not let me access corporate network at home but works outside of home

Hi, global protect will connect but not access the corporate network at home. However when I travel 5 km away from my house I can connect. However as I get closer to my home i can no longer access the corporate network. It’s seems the area I live in is a dead spot for global protect. Is there anything that can be done about this? I have tried bo...

savreen by L0 Member
  • 7863 Views
  • 3 replies
  • 0 Likes

Different IP on the same GP portal

Hello Guys, I would like to ask if it's possible to move the GP portal to another IP so I can issue a third party certificate for the portal without messing with the original public IP that I have for the GW and Portal. If possible, how could I achive this? I've seen a common solution is to add a loopback interface but there's no documentatio...

Incomplete network connection with Global Protect Over Public WiFi

Hi EveryoneOne of our user is experiencing the issue with GlobalProtect. When the user connect with globalprotect over public WiFi, he can only ping the LDAP server in the network and nothing else. I am wondering what can cause this issue and why the user cannot access the other network resources. Can someone please share your thoughts about thi...

GlobalProtect - Azure AD SAML Integration - Login inconsistent

Hello!We have Azure AD setup and running with the Palo. It works....sort of. The issue. When using Microsoft Edge (chromium/latest version) as the default browser, when global protect goes to connect, the login will just hang on trying. If you click on "click here" after the one of the authentications on the screen, the vpn will authenticate....

Global Protect - PreLogon/SAML with Cert Revocation

Hi All, Does anyone have a Globalprotect PreLogon setup with SAML authentication and CRL enabled? Having issues with this and have it raised with TAC but thought I'd reach out to the community. It's worth noting that we have a parallel setup using LDAP Auth identical to this configuration without Cert Revocation so we know the config is sound. T...

a.jones by L3 Networker
  • 5661 Views
  • 0 replies
  • 0 Likes

Global Protect 2FA O365

Hi All, Quick set of questions? We have a Globalprotect deployment on PreLogon for one of our user sets. Accompanying this we have deployed a separate gateway/Portal for Clientless VPN. Both Authenticating with LDAP. They have requested 2FA for their setup. Is it worth setting up 2FA for an Always On PreLogon setup - I don't think so at all? Pro...

a.jones by L3 Networker
  • 1719 Views
  • 0 replies
  • 0 Likes

Client successfully connects and get's IP but is unable to communicate to remote machine

I managed to get GP VPN setup on my PA220 and get a Windows workstation to connect to it. It gets assigned one of the IP addresses reserved for VPN clients. When I attempt to connect RDP to a remote machines from this VPN client it fails. The VPN client is x.x.x.195 and the target machine is x.x.x.18 in the same subnet. When I check the moni...

rmcrae by L3 Networker
  • 5712 Views
  • 8 replies
  • 0 Likes

VPN connection failure for mobile hotspot

Global Protect VPN worked fine till now with mobile hotspot or wireless dongle. From past 3-4 days, I am not able to connect to the gateway at all. Even the login popup doesn't come up. It works with broadband but not with wireless. Can someone help?GlobalProtect

Resolved! Block user from connecting with Global Connect

Hello,I have tried searching and must be missing something.I am trying to block a user from attaching Global Protect. From what I have read you should be able to go to Network>GlobalProtect>Device Block List and add the device\user to the list. The issue I am running into is that I do not see this list when I go there. I am running PANOS 1...

thoffman by L2 Linker
  • 14352 Views
  • 4 replies
  • 0 Likes

Setting up multiple SAML Azure AD identity providers on palo alto

I want to add a new Azure AD SAML identity provider which I will be using to create a new authentication profile. This profile would be used for creating new global protect portal using same gateway but allowing only set of access routes. I wanted to know if this would be possible from both PA and Azure AD side? After installing a new PA applica...

Multiple Portals/Gateways

GP on the fw is setup and working. I have a group of users i need to isolate from everyone else - most of the time.So if they use the url vpn1.mydomain.com they get IP Pool X and specific X policies. If they use url vpn2.mydomain.com they get IP Pool Y and specific Y policies. It seems like i should be able to setup multiple portals and gateways...

GFN182 by L2 Linker
  • 13037 Views
  • 14 replies
  • 0 Likes

Parsing GlobalProtect gateway multi user configs failure

I have different purpose (new certificate with different CN) to create a new/parallel portal&gateway (to keep the change transparent for end user/and to keep easy revert back possibilities in worst case), so when i try to create a new por+gw by adding new pub-IP on same internet interface, using new certificate, using new client iP pool rang...

IT.OPS by L0 Member
  • 2706 Views
  • 0 replies
  • 0 Likes

Knowledge sharing: community account fix and Globalprotect troubleshooting/investgation updated/edited article

My old account was fixed by Palo Alto life community following article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClNHCA0 , so I am resharing the post for "Knowledge sharing: Globalprotect troubleshooting/investgation. Split tunnel,Globalprotect app/agent configuration options and etc. to solve issues" as this is p...

  • 2063 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks