Are there any current versions of PAN-OS that support secure renegotiation? If yes, can someone point me to a guide with how to configure it?
I'm trying to exclude MS Teams traffic from GlobalProtect. We are using the entire O365 platform but I only want to exclude MS Teams. Has anyone been able to successfully get this to work? I found some older community posts but most seemed to have inconsistent results. I'm running PAN OS 9.0.x and GP 5.2.6. Is excluding "%LOCALAPPDATA%\Mic...
Hi All, I am able to authenticate users against the portal with SAML and Azure AD all good. Since I can't pull groups from Azure I'm using LDAP for the portal and policies also working. The issue is that the user from Azure is coming down to the firewall as doman.local\user while on prem LDAP is just domain\user. Any way to drop the .local at th...
Hi Everyone, Greeting!!I have a concern regarding the Global protect log forwarding for forwarding the logs to Qradar SIEM Tool. The concern is about whether Global Protect support for LEEF Format if it does support i want a document that contains the required fields about the Global protect to be sent to the SIEM Tool.I want to confirm two thin...
It is our corporate policy standard to disable NetBIOS over TCP/IP for the IPv4 component of all network adapters on corporate devices as a preventative security measure. This is achievable via powershell scripting on all Windows devices. However, we run into issues with the PANGP Virtual Ethernet Adapters being created by the GP 5.1.x softwar...
We are using machine and user certificates from a windows server 2016 CA. to authenticate when using Global Protect.Step one is the prelogin connections and it works as intended. The IP address is assigned on 10.1.1.0/24 network.Once the user logs into the computer it is configured as always on VPN then switch to user certificate for the user V...
Hello all, Does Global Protect allow for making two concurrent connections to different environments at the same time? We have (2) pairs of PAN's in different data centers (on different subnets) and have a need for connecting to both environments at the same time. In the past we have used OpenVPN prior to migrating to PAN's. Is this possible ...
Hello, We have just rolled out Global Protect on our workstation & mobile clients, and are starting to run into a bit of a problem.It seems that on some of the machines, the file : pangps.txt (log file) just keeps on growing.Now, in itself it's normal that the size increases a bit over time but we have had some machines where the log file be...
I am using globalprotect vpn to my company. I would like to know how to save username & password?You can save it if you use older version (4.x) but you can't is you upgrade to 5.x.Windows 10 + GlobalProtect 5.1.8I could not find out how to save username & password after upgrading to 5.1.8.
Hi I am trying to setup pre-login for my company I see I need to setup self signed certs and install them on all the clients but everything I have read says I need two separate global protect gateways setup. Can I not just setup the gateway we are already using and convert it to pre-login? Would doing this cause an issue?
(T21400)Debug(1158): 06/10/21 17:58:32:971 SPStop is called(T21400)Debug( 783): 06/10/21 17:58:32:983 PreviousDNSInfo doesn't exist, no need to restore(T21400)Info ( 552): 06/10/21 17:58:32:983 not call uninstallClientConfig, netSetup=000001EBBD0BF770, clientConfig=000001EBBDC6E730, panMSService=000001EBBDA6B610, panMSService->IsConfigInstall...
Hi Team, We are unable to download PDF format report of Global VPN Users. we tried to download via csv/pdf format , but not downloading.(network>GP gateway>remote user > pervious user > pdf/csv)
Restriction of the users on the GP portal page.We selected a particular group in the allowed list, but authentication was failing unless we select all.
Hi anyone,Can the Palo Alto send OTP to SSL VPN authentication with email like a Fortigate devices ? Thx before
Hi, I have configured gp with saml autentication; my azure ad connector is configured for hash pass synchronization. I noticed that gp always authenticates me regardless of whether the password has expired or not. there is no way to force me to change the password from the 365 screen? do i need to configure pass through autentication? Thank you
BPry
on:
MacOSX Tahoe 26.4.1 (25E253) / Global Protect 6.3.3: Network is unreachable
