Securely authenticating GlobalProtect mobile users against Office 365

We posted a training video explaining how to securely set up SAML authentication with GlobalProtect end-to-end against Office 365 Azure AD.

At 29:35 it shows how to enable "Validate Identity Provider Certificate" and fix the commit error "Validate Id

GlobalProtect intrazone access

Is it possible to create a rule to allow certain intrazone traffic for GlobalProtect clients. E.g. so that client1 on GP can ping client2s GP interface. I tried creating a specific rule that would allow traffic from GlobalProtect security zone to Glo

Glass magnifier detail info needed for HIP Match, Log Detail

Hi, I am looking to see if there is a way to export or report the details info that glass magnifier provides when click on HIP Match, Log Detail in the glass magnifier column. The HIP Match columns do provide basic info such as: pc name, user name, d

GP SSO SAML Azure AD - Microsoft SSO Login Page

Hi,

Why sometime we see the Microsoft SSO Login page requesting password ? 

Most of the time, this is seemless and transparent to user, and we do not have to enter username/password which show me that SSO is working great. However, like I said, somet

Looking to mirror traffic from our global protect VPN to a mirror port

We are looking to send traffic to a mirror port similar to the decrypt and mirror functionality for our global protect VPN. We essentially would like to mirror all traffic coming and going to clients connected to our global protect VPN traffic to an

MicrosoftIntune deployed PaloAtlo VPN client not working using custom ports

Hi,

we are using Android for Work deployed by Intune. We are also deploying PaloAlto VPN Client from Managed Google Play using Intune.

With VPN client deployed from Managed Google Play we can connect to company network, but we cannot access application

GP - MFA notification message for desktop clients

I recently configured Cisco DUO with our GlobalProtect. When a user connects in on Windows/Mac there is no prompt from the client to go approve the MFA on their phone. It just hangs waiting. Can I have GP prompt the user letting them know that furthe

global protect Version 5.1.4 can not install on a Surface X with a ARM proc

I read the information that Version 5.1 and higher is working for ARM processor but I receive the message:

"This installation package is not supported by this processor type. Contact your Product Vendor"

Got a Surface X with Windows 10 64Bit and using

exclude ms update in global protect

We are facing the bandwith issue due to windows update and want to exclude ms-update application application in global protect vpn .

2- we also seen the users are getting ip address in login session from post authentication ip pool d

Gateway WAN-IP Could not connect to the gateway. Please contact your IT adm

Hi community,

I recently got a problem but I can't find the cause of it. In GlobalProtect the following error message was displayed:
WAN-IP gateway Could not connect to the gateway. Please contact your IT administrator.

It's normal now, but what could h