This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Scanning campaigns against PAN OS Global Protect gateways

Recently we saw Scanning campaigns against PAN OS Global Protect gateways. Which is the stable version of Global protect client version for Windows 10/11 ? https://thehackernews.com/2025/04/nearly-24000-ips-target-pan-os.html https://www.bleepingcomputer.com/news/security/nearly-24-000-ips-behind-wave-of-palo-alto-global-protect-scans/ https:/...

k.pillai by L0 Member
  • 1164 Views
  • 2 replies
  • 0 Likes

GlobalProtect Gets White Screen at CBL (v. 6.0.4-c26)

Hello, My organization is having an issue with connecting to the GlobalProtect VPN app 'Connect BEFORE Logon' (CBL) feature specifically with the 6.0.4-c26 version. Our previous version, 5.2.6 handled this feature just fine but our organization needs to utilize the latest version for security reasons. 6.0.4-c26 can connect to the VPN normal...

Android OS cannot connect on GP using ECDSA algorithm

Hi, Is anyone encountering the same issue, where an Android user cannot connect to GP VPN? Here are the current settings: PAN-OS version: 11.1.14-h7 GP on Android version: 6.1.6-730 Android version: 14 Fortunately, it was fixed temporarily by replacing the certificate used by the GP portal/gateway from ECDSA to RSA. Therefore, it was co...

MAC Default Web Browser Auth Block

We are testing GP 6.2.7 always-on with enforcing connection for internet set. Our windows machines work just fine with the embedded browser but we are having an issue with MACs. Some of our MACs are trying to connect and redirect to the default web browser ( we don't have default browser set in configurations). The page redirects to login.micr...

User/Group mapping with GP SAML (User-ID)

Hi, I've got GP configured with SAML authentication and it works great. However, I would need to get out User-ID or group so that I can use them in security policies to allow or deny specific rules and access to resources. Is that possible and how? Thanks

update Global Protect VPN using sccm

trying to deploy GP VPN client to users using sccm and I am seeing installation of global protect could not be completed because these applications were running Globalprotect Client GlobabProtect service to install successfully, please these applications and then retry the installation

gbakkali by L1 Bithead
  • 1550 Views
  • 3 replies
  • 0 Likes

saml auth clear user in globalprotect browser

I manage many GlobalProtect VPN environments. One inparticular annoys me, in its portal configuration it uses the Palo Alto web browser for SAML authentication. As a result .... because I have used the GP web browser for authentication in the past.... I can't seem to clear the user it tries to authenticate with against other GlobalProtect envir...

ChrisVee by L1 Bithead
  • 13184 Views
  • 7 replies
  • 1 Likes

Resolved! Global Protect Clientless VPN

Hi Guys, I am new to Palo and looking for little guidance. I setting up a clientless VPN along with GP. (one user will get access through GP Agent and second user group will only access the Clientless (web portal type). I have the GP connected, SplitTunnel working no issue - I am having issues connecting a user via ClientLess. I have pub...

KGupta133201_0-1742625908851.png
KGupta133201_0-1742626101937.png

Resolved! Limit access to physical adapter using Global protect

I want to preface this, we are not having issues with Global protect per se, rather we are looking to limit the access to the device running global protect. We recently have seen an instance of a device running GP that was locked due to a bad actor RDPing to the public IP address of the device. We are assuming the device was connected directly...

Resolved! GlobalProtect doesn't upgrade

Our current version in clients is 5.2.7. Now I have activated 5.2.8 but clients doesn't upgrade. Our setting for upgrade is allow transparently. Client machines shows pop up that GlobalProtect agent upgrade is in progress please wait etc... but nothing happens. Previous update to 5.2.7 couple of month ago went smoothly. This is first time this k...

ToniE by L2 Linker
  • 16705 Views
  • 8 replies
  • 0 Likes

Upgrade GP client using SCCM

Hi All, We have a VPN solution with 3000+ users. However we need to upgrade the GP client ( Current: 5.2.6 | Targeted: 5.2.11) but due to the high volume, we are considering pushing the client over SCCM; group-wise. I have seen some articles outside the live community related to client upgrades over SCCM that can lead to issues. Could you please...

Udana by L1 Bithead
  • 3293 Views
  • 2 replies
  • 0 Likes

Nested plist capable for Mac GlobalProtect?

I want to get the GlobalProtect client version at portal connection, so I'm trying to get it via Portal Data Collection. The problem I'm running into is twofold:1. There is a /Library/Preferences/com.paloaltonetworks.GlobalProtect.settings.plist and a ~/Library/Preferences/com.paloaltonetworks.GlobalProtect.settings.plist. The value I want is in...

Palo Alto (GlobalProtect) URL duplicated

Hi, everyone!I’ve noticed that when I add a new application and try to access it using the clientless page, the URL is sometimes rewritten with a duplicate path. For example, it becomes:https://vpnconnect.mycompany.org/https/app1.menu.com/app/https/app1.menu.com/app instead of the correct URL:https://vpnconnect.mycompany.org/https/app1.menu.com/...

  • 2077 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks