This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Resolved! Friendly Re-authentication

Hi folks,We have a number of users trialling our new Global Protect setup and it appears a small number are workaholics.We have the authentication window set at 10hrs (its Radius with TOTP) - and the authentication cookie also expires after 10hrs. From the user perspective, at the 10hr mark, all connectivity is cut and interactive apps (ssh for ...

GN_ROS by L1 Bithead
  • 6435 Views
  • 3 replies
  • 0 Likes

Trouble with HIP checks for Anti-Malware

Hi Community!I have some issues getting HIP checks to work on a PA820.Have configured a couple Objects that checks whether the Cortex XDR agent or Windows Defender is installed/enabledAnd have them added to a profile that I have added to the GlobalProtect Gateway.This seems to be working fine on a LAB-PA220 - triggers whenever Cortex XDR is not ...

pasmartin_0-1622111654042.png
pasmartin_1-1622111671636.png

GP 5.2.6 - Post-VPN-Connect error

Hi Just wondering if anyone is seeing this issue by chance on windows with post-vpn-connect on GP 5.2.6 I am pretty sure it worked fine with older versions... but we have had other bugs with the older client so can't really roll back Scenario 1 - If a machine is rebooted the behaviour we see is the post connect command is called however it erro...

rajjair by L2 Linker
  • 2839 Views
  • 1 replies
  • 0 Likes

Resolved! DNS lookup takes a long time with GP

GlobalProtect Gateway is being used, and all traffic is being routed to the firewall except for some network. DNS lookup takes a long time when I input the domain (website which not in the PC DNS table) that the browser accesses first while connected to a VPN- DNS Lookup time takes about 5-10 seconds The DNS server is using an internal server, a...

Jinnypt by L1 Bithead
  • 12682 Views
  • 12 replies
  • 0 Likes

DIfference between Inactivity Logout and Disconnect on Idle

Hi All, We want GP users to get automatically logged out after 30 minutes. We had changed the "disconnect on idle" value in the connection tab to 30 minutes and then checked after 30 mins for GP Client logout. But the GP Client is still connected to the gateway(Using on-demand user logon). After going through the Palo Docs we found out that no t...

Wildcard cert

I recently setup a backup internet provider and bought a wildcard cert instead of renewing our previous cert. Previously just had a cert for remote.mydomain.com we used for globalprotect from network solutions. I have external DNS A records set for remote.mydomain.com with an ip from our main provider. I also set up an A record for remote2.mydom...

Resolved! "You are not authorized to connect to GlobalProtect Portal"

Hello Everyone, I had global-protect working perfectly. Two days ago however something happened (not sure what caused the problem) and I'm unable to connect to GP anymore. I always get the error: "You are not authorized to connect to GlobalProtect Portal". The weird thing is that in the system logs there are no error messages relating to GP, I...

DNS - Clients don't update when users return to office

Hi, We have an issue when users return to the office the Windows DNS servers can not update the IP address to the office IP. We think its more of a Windows DNS permission issue but just wanted to check if anyone has seen this issue before. - User on VPN get's IP from Palo via GP.- DNS is updated in windows (owner is machine name).- User then co...

LukeRath by L1 Bithead
  • 5061 Views
  • 4 replies
  • 0 Likes

Resolved! iPhone 12 pro max iOS 14.3.2 Cert issue for global protect

I have been trying to get this to work for days not and I am not getting anywhere. I always seem to struggle with certs due to how they are chained.On my Palo I have a rootca (self-signed, certificate authority), intermediateca (issued by rootca, and also certificate authority), then I cut a cert called gp-cert (issued by intermediateca, non cer...

davidlan by L0 Member
  • 3694 Views
  • 1 replies
  • 0 Likes

Resolved! macOS Big Sur with OKTA

I've just updated my MAC to macOS Big Sur. After update I can't connect anymore because GP client doesn't inove OKTA's login page.I'm using GP version 4.1.13-2Can someone help?Thanks.

Connection failed : Could not connect to the global protect gateway

Hi, I have recently upgraded my mac from catalina to big sur 11.2.1. My earlier global protect client was working fine with catalina but after mac upgrade I upgraded global protect client to version 5.2.4. After doing this I'm getting the error of Connection failed Could not connect to the global protect gateway after entering my username and ...

AS2195 by L0 Member
  • 3686 Views
  • 1 replies
  • 0 Likes

Multiple Gateways and Pre-logon

I have one portal and 3 Gateways. I set up a preferred gateway at HIGHEST based on an active directory group so users connect to their home office. When using Pre-logon since the user is a shared account the connection on a reboot seems to always find the closest gateway. This is OK but when my users log in they stay on that gateway until we r...

T-Mobile Home Internet won't maintain connection

I am on T-Mobile Home Internet(LTE) I can log into my company's servers, website and email for about 3 seconds and then it says not -connected and I can't access anything. The Global Protect status shows connected the entire time(Version 5.0-7.2). I've been back and forth with my IT Helpless desk and they blame it on T-mobile. T-mobile blames it...

joetart by L0 Member
  • 3917 Views
  • 1 replies
  • 0 Likes
  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks