GP traffic black holing / redundancy

Dear all ,

One of my client is currently facing the below issue :

"We have faced some traffic black hole situations with Global Protect users when we are loosing internal connectivity in a GP gateway.

When firewall can no longer reach the LAN / internal

Found VAPT vulnerabilities points for SSLVPN URL.

We have done the VAPT on our environment and found the vulnerabilities for the SSLVPN URL which we use.

We had mitigated the maximum points but five points are remaining. So need help on that.

1. Password sent in Clear Text - CWE-319.

Some applicatio

Global Protect user-pre-logon from Windows domain login first time user

I'm having an issue finding an all inclusive document that can help me validate my GP portal and gw config to allow new users who receive a domain joined laptop be able to log into the domain on receipt of the laptop

current gw is pre-login with on-d

GlobalProtect using IPSec and a Site-to-Site IPSec VPN

I'm running a PA-500, PANOS 8.1.15-h3 and am trying to create a site-to-site IPSec VPN tunnel. It must run alongside an already configured GlobalProtect gateway where the GlobalProtect is also configured to use IPSec. Can these two VPN types exist on

Host-ID Information is not captured for some by GP Agent

Hi Team,

In Global Protect logs, for some of the MAC and Windows machine Host-ID information is not captured by the Agent what will be the possible cause for this and how to resolve this . 

Snap for Host ID not captured for some and captured for some

Active X support with Clientless VPN

Hello,

Has anybody configured clientless vpn with the web application which uses active X?

From the KB article, I believe active x is not supported technology. Can anyone confirm this?

Thanks.

Pre-Logon can't get IP address from IP pool

I created two agents for my internal gateway in GlobalProtect.

One is for Pre-Logon and another is for Any users. I split a big IP address pool for them two.

big pool:  10.224.0.0/20

Split to : 10.224.0.0/21 and 10.224.8.0/21

But no matter which one I as

Generate daily report

hello,
is there a way I can generate a daily report on the number of users that connected daily.

thanks

traffic not following the route

Hello

We have set split tunnel for our Win10 clients, GP is version 5.1.6 and 5.2.5. PAN-OS is 9.1.7.

- default route to firewall

- bypass tunnel for some network ranges (e.g. MS-Teams)

- bypass tunnel for some URLs (e.g. MS-Teams)

- enable DNS-Split

For

GlobalProtect 5.2.4 disconnects when unlocking screen

Seeing some interesting behavior with GP 5.2.4. On Windows 10 1909, GP disconnects when locking then unlocking the desktop.
To reproduce:

- Connect to your gateway then lock the desktop. Leave the desktop locked for a minute or two.
- While locked, the