Globalprotect SAML User Group Mapping

Hi !

I am trying to get the User/Group mappings which are defined in Azure (Enterprise App - App Globalprotect)  transfered via SAML to our Portal/Gateway.
User-IP Binding works fine but I am missing the group associations.

I'd appreciate any kind of he

GlobalProtect keeps re-authenticating automatically

We need GlobalProtect setup with DUO via RADIUS and we need the user to have to manually re-auth after 11 hours. We have struggling to get this to work. Login Lifetime or Cookie Auth Expiration both automatically re-auth the user even when GlobalProt

Renew Global Protect Gateway & Portal Certificates

Hi All,

Greetings,

We are using certificate from external CA for Global Protect Portal and Gateway which is currently in production. 

It is expiring next week. What will be the best way to renew the certificate.

Thank & Regards

S Prasad

See the users version of Global Protect in Panorama

I am getting ready to test upgrading GlobalProtect using the "Allow Transparently" option of the upgrade for a small subset of users. I want to verify the upgrade worked from Panorama without reaching out to the user for verification that it worked.

Creating self signed Certificate for IOS device 14 and 15 on Palo Alto firewall

Hi Folks,

Our GP VPN Portal and Gateway Certificate had expired recently. When we created an new self signed certificate on Palo Alto firewall and mapped it to GP VPN Portal and Gateway.

We are able to connect to portal and Gateway and it is working

GlobalProtect iOS Certificate issue

Hello,

  I’m in the middle of trying to make a gateway for iOS devices and I’m having an issue. I use MobileIron to push out the config and it uses an MI SCEP cert; I’ve added the MI SCEP CA to the PAN device and set it up as the auth profile. If I o

GlobalProtect Android app stopped working after December Android security update

Anyone else having problems connecting from Android GlobalProtect after the December Android security update?

On the firewall I see: Error code 26, Failure to get client configuration.

Client message: You are not authorized to connect to GlobalProtect

Global Protect Portal - authentication with otp and certificate

Dear support,

We configured Global Protect portal, also configured two authentication profile, one for AlwaysOn connections, another one for remote access on demand manual user connection with OTP. combine those authentication profiles in authenticat

Force GP User to New IP

Is there anyway that I can force a user to a new IP? I tried logging them out, refreshing the connection, logout button in the gui. I cannot find a way to do this, any ideas? 

GlobalProtect welcome page acceptance

It seems like 5.2.7 and later GP agents no longer allow the Decline or Accept terms of use at the welcome page.  This feature was available in 5.2.6.  Anyone know how to enable this feature again in the newer agent releases?

"The network connection is unreliable and GlobalProtect reconnected..." Message Requirements

Does anyone know what specific requirements cause the message "The network connection is unreliable and GlobalProtect reconnected using an alternate method. You may experience slowness when accessing the internet or business" to appear? Does GlobalPr

Issues using Elliptic Curve DSA certificates with GlobalProtect agent

Anyone else come across this?  Anyone using ECDSA certs for their GlobalProtect Portal or Gateways?  Have you tried non-Windows/MacOS clients?

Configuring GlobalProtect Gateways to use ECDSA certs instead of RSA certs breaks everything except Windows

Global Protect unresponsive, clicking connect button does nothing

I have several clients that their Global protect (5.2.9) does nothing when they click the connect button. This behavior began with the retirement of Sophos AV. Reinstalling Sophos makes it work again however. Our organization is in the process of ret