Best Practices for Global Protect Machine and User Cert Authentication

GlobalProtect 6.2.1 Ubuntu DNS issues

Having the strangest issue on Ubuntu 24.04.1 with GP 6.2.1

Connection works about 75% of the time. Regularly I'm getting an issue where DNS fails to resolve over the VPN tunnel.

I've confirmed with wireshark that the DNS requests are being forwarded

Exclude Device from HIP check

Hello,

I have setup a HIP object\profile that does not allow a computer to connect if it does not belong to our domain and it is working as it should.

My question is if there is a way to exclude a device from this HIP check and it would be allowed to c

GP HIP check GP software version

Is there a way to perform check / enforce endpoint to have a specific version of GP rules ? 

Internal host Detection and cookie authentication override on portal/gateway

Hello,

I configured prisma access with GP Portal + External gateway and pre-logon always-on with Enforced Global protect Connection for Network Access, and also enable Internal host detection and cookie authentication override on both portal/gatewa

Alert for when Client VPN IPs are exhausted

Is there a way to setup an alert for when clients exhausted the Client IP pool or are close?

Device Block List for GlobalProtect - where is it in v10.x?

Both this: https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/host-information/block-device-access

and HELP indicate an DEVICE BLOCK LIST available for GlobalProtect.  When in the FW GUI I should see it in the GlobalProtect menu.

GlobalProtect Group Mapping for Azure SAML

Hi All,

I have configured Azure with Global protect enterprise application for SAML and configured the Group claim attribute as "group -> user.group" which as 3 usergroups Sales, IT , and Developers.

And in the Palo alto firewall (10.2.8), SAML

global protect ipv6 support

hi everyone,

I have GP configured for ipv4, it works (I also have both ipv4 and ipv6 addresses delivered via dynamic assignments from the isp for the internet link)

in the configuration if GP I use "none" under the IP assignments for ipv4 as I gues

Remoteapp through Global Protect VPN

Hi,

I am trying to grant access for my users on my PA-220 to application through RDP Remoteapp windows funcionality from VPN Global Protect. I managed to make it work in any other zone but that one.

Current rule is set up to allow applications MS-RDP

Unable to retrieve latest GlobalProtect App

I'm looking for help with downloading GlobalProtect for Ubuntu. I'm following steps over here . When trying to register the device I get error "Device and customer codes do not match a Support Account. Please contact a Super User to send you a regist

Global Protect Connection Issue

Gents,

My scenario: 

Currently: While I am in Canada, I can use Global Protect client to log in to my company portal without any issue. AFAIK, it ensures my IP range is within Canada.

Issue: I am travelling to different country. Now, if I use GP Client,