Dear all,Please see the design below , the idea is testing against IPs 172.16.158.1 (IPs of VLAN 161) using path monitoring + static route Can we add a path monitoring to an internal static route , that internal route monitoring reachability of 172.1...
Dear all ,One of my client is currently facing the below issue :"We have faced some traffic black hole situations with Global Protect users when we are loosing internal connectivity in a GP gateway.When firewall can no longer reach the LAN / internal...
We want to move the users to a different portal adres. How can we do this without asking all users to manualy adjust the portal adres? i've tried changing the reg key set at installation time, but this didn't work (tried rebooting and refresh connect...
We have done the VAPT on our environment and found the vulnerabilities for the SSLVPN URL which we use. We had mitigated the maximum points but five points are remaining. So need help on that. 1. Password sent in Clear Text - CWE-319.Some application...
I'm having an issue finding an all inclusive document that can help me validate my GP portal and gw config to allow new users who receive a domain joined laptop be able to log into the domain on receipt of the laptop current gw is pre-login with on-d...
First, I'm just a simple user of a Global Protect client since this is required by our company. I'm not proficient with technical terms and stuff. Issue: I successfully connected to the gateway however, I have no internet connection. No sites can be ...
GlobalProtect set up on a firewall with an internal IP address sitting behind an edge Internet device Internet Router (2.2.2.2/24) > Internal Network > PAN ( 192.168.0.2/24) I'm using OS 9.0.13 internally i can connect (for testing purpose), but exte...
Is it possible to block internet access if user does not authenticate through the GP client? We don't want any access to the web on the laptop unless they fully authenticate through Okta/GP (SAML). Would Pre-logon solve this? Thanks
Hi,Is there a way to force a client to upgrade their globalprotect version? I have set the update to transparent and this works when users boot up their computers and connect. The issue comes from users that remain connected and don't disconnect. Dis...
I'm running a PA-500, PANOS 8.1.15-h3 and am trying to create a site-to-site IPSec VPN tunnel. It must run alongside an already configured GlobalProtect gateway where the GlobalProtect is also configured to use IPSec. Can these two VPN types exist on...
Hi Team, In Global Protect logs, for some of the MAC and Windows machine Host-ID information is not captured by the Agent what will be the possible cause for this and how to resolve this . Snap for Host ID not captured for some and captured for some ...
Hello, Has anybody configured clientless vpn with the web application which uses active X? From the KB article, I believe active x is not supported technology. Can anyone confirm this? Thanks.
I created two agents for my internal gateway in GlobalProtect.One is for Pre-Logon and another is for Any users. I split a big IP address pool for them two.big pool: 10.224.0.0/20Split to : 10.224.0.0/21 and 10.224.8.0/21But no matter which one I ass...
hello,is there a way I can generate a daily report on the number of users that connected daily.thanks
Hello all, we have let say 10 users behind one home internet router.They can ping the portal and so on but just one of them can connect. The error of the others is that there is a network problem trying to reach the portal.Are there any limitations? ...
on:
IOS Global protect Issue
on:
Remote initiation of Global Protect Logs
on:
[Global Protect][Clientless VPN][Automatic authentication]
on:
Does PBF rule works for traffic originating from Global Protect Client
on:
verify encrption
