This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Resolved! User-id with GP client certificate authentication

Hi,I have questions regarding user-id operation with GP client certificate authentication only for iOS/Android devices. Current state:We have GlobalProtect portal and external gateway on the same firewall with SAML authentication for mobile devices - iOS (on-demand, but enforcement to use VPN is achieved with proxy file) and Chrombook (always-on...

Global Protect Dual ISP

Hello i have configuration that need to be revise since there some ISP that can't provide asymmetric connection source. the rest Inbound NAT already clear using PBF but only Global Protect that still can't be enforce symmetric. Here my example configuration in firewall : ISP A : 10.10.10.2/28 ( Zone : Untrust ) GW ISP A : 10.10.10.1 VPN ISP A I...

PreviousConfig.jpg
NYanico by L1 Bithead
  • 1656 Views
  • 4 replies
  • 0 Likes

Resolved! Global Protect brute force config.

Good day all, I was reading a few articles bout changing the config for Brute Force: Object -> Vulnerability Protection --> Exceptions. I actually have two. One called Vulnerability Protections Profile-Strict and the other default. I check both of them and I do not see the 40017 that are mentioned. So I thought it was as easy as jus...

WGranada_0-1754315139237.png

GlobalProtect CLI error: cannot connect to local gpd service (SAML, OpenSUSE/Ubuntu)

We want to test GlobalProtect (PanGPLinux-6.2.8-c2) on an unsupported version of OpenSUSE 15.5 CLI. During installation and when attempting to connect, we encounter the error:“cannot connect to local gpd service”,even though the service is running and reported as active. Additionally, we are using SAML for authentication. In the GUI version, ins...

Global Protect Product IDEA !

It would be great if the Global Protect ICON which appears in my MacBook iOS Menu Bar when the VPN is connected could be modified to have the following features:Turn solid GREEN colour when connectedFLASH RED when disconnectedFLASH ORANGE when a timeout is approaching and offer to continue or dropI find my Global Protect VPN client (which is req...

Global Protect before logon shows "Connecting" just after -registerplap with no portal set

Hi, i have a problem with GP on newly installed Windows 11 Pro with GP 6.3.3-633. I am trying to setup GP before logon. I did that PANGPS.exe -registerplap and just after reboot Network Logon icon shows up but when I click it it shows GP icon and "Connecting" all the time, while I did not set any portal yet. Reboot is not helping. It's not showi...

image.jpeg
Buko84 by L0 Member
  • 1057 Views
  • 1 replies
  • 0 Likes

Resolved! GP and auth fails

Good afternoon! My Global Protect has 2FA set up so I'm only somewhat concerned about the number of fake connections I'm getting in the auth logs. They're all being routed to the identity provider and are getting squashed. However, I'd like very much to stomp these connections earlier in the chain and save myself some bandwidth. I've noted that ...

ghughes by L1 Bithead
  • 3749 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect version 6.1.1-5 download

I deployed client 6.1.1 into ConfigMgr and deployed it out to our clients to replace our older VPN system. However, when installed, it updates to the version mentioned in the subject. Where can I get this update I cannot find it in the app updates section. I only see 6.1.1. Thank you, AaronZ GlobalProtect

aaronz by L0 Member
  • 23939 Views
  • 2 replies
  • 1 Likes

Automating GlobalProtect Portal on macOS with Workspace ONE

Automating GlobalProtect Portal Updates on macOS with Workspace ONE push: We're looking for guidance on the best method and required settings to automate the updating of GlobalProtect portal and settings on macOS devices using Workspace ONE. Specifically, we need to know: Is there a Palo Alto Networks command-line interface recomendation or scri...

bgr003 by L0 Member
  • 518 Views
  • 0 replies
  • 0 Likes

Resolved! GlobalProtect "Tunnel is down due to keep-alive timeout"

User on Windows 11 computer is getting "Tunnel is down due to keep-alive timeout", internet is still connected for the user, and this happens very frequently for the user, no other users are reporting similar issues, anyone come across this before and resolve? User connects via wif-fi on home network. PanOS version 10.2.13 HF5 GlobalProtect Ag...

Redirecting from 3rd party auth provider back to GlobalProtect Clientless VPN application

Thanks for everyone's insights on this in advance. We are trying to expose an internally available web application (a self-hosted Git repository) through our GlobalProtect Clientless VPN. The challenge I'm trying to solve is setting the callback URL from our external authentication provider (Auth0) to redirect back to the portal address of the a...

tulioc by L0 Member
  • 630 Views
  • 0 replies
  • 0 Likes

Globalprotect VPN with SAML Azure + MFA - no login prompt after disconnecting!

Hey there, I have an issue trying to implement Globalprotect authentification via Azure MFA SAML. Our goal is that the user is asked to login with MFA everytime he tries to connect to our portal, which doesn't work. Basically the first time the user is trying to connect to our portal the user get's redirected over his browser to the Microsoft lo...

Wimazal by L0 Member
  • 929 Views
  • 0 replies
  • 0 Likes

Resolved! The virtual adapter was not set up correctly due to a delay. GlobalProtect will try again soon.

Hi Team After upgraded the Global protect from 4.1.9 to 5.1.8. Few of the Gp clients not connected. If I repair the Global protect its working fine. So checked the PANGP event logs and found the below error Tunnel is down due to disconnection.01/28/2021 11:21:33.772 [Error]: Failed to get default route entry01/28/2021 11:21:33.772 [Info ]: Tun...

I want to know the difference between GlobalProtect and Prisma Access Agent

Hi While looking at the docs for Palo Alto GP and Prisma Access Agent, I had a question. For convenience, we will refer to Prisma Access Agent as PAA. Can someone explain the crucial differences that differentiate GP and PAA? If we look at it only in terms of simple functions, PAA seems like it could replace GP. Should the two products be cons...

  • 2079 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks