Host certificate check HIP objects configuration

we are planning to configure certificate check HIP object  and authentication based on that. we are not getting any clear picture in online or palo alto portal. please help up to provide resource...

VPN Login Failures

Hi,

I received two kinds of events when I tried to connect VPN.  Which event I can consider as a threat.

I have excluded the username pre-logon from monitoring but for the destination 0.0.0.0 is receiving.

Why destination IP show 0.0.0.0? Can I ign

Global Protect HIP issues with Jamf Agent

Hi All

I am having difficulties with HIP testing from Global protect to detect for Jamf Pro on Macintosh devices. We use the Cloud based Jamf Pro and the only options for HIP Objects for this is either for a plist or Process. Plist is out of the ques

Exclude a Application behind Clientless VPN from decryption

Hi all,

I am currently facing the problem of publishing an internal web application via GlobalProtect Portal and Clientless VPN.

The principle is already used by us and works very well so far.

However, this one particular application has a proper

Global Protect HIP Testing with Fortinac / Bradford - Macintosh PC's

Hi All

I am having difficulties with HIP testing from Global protect to detect for NAC Persistent agent (formally called Bradford agent) on Macs. I have put in a process in the HIP object to look for /Library/Application Support/Bradford Networks/Per

Configure TOTP (Google Authenticator) for GlobalProtect

I have looked at the different support documents and previous discussions but have not gotten much wiser. 

I need to have a handful of users connect to GlobalProtect with TOTP as the second authentication factor. Since the number of users are so low,

Using Keycloak as idP

Has anyone succeeded in using Keycloak as idP with Globalprotect?

We're having issues with the windows clients receiving "You are already logged in" while trying to log in, which also make the gp app hang. The GP app for macOS never experience this.

GlobalProtect for iOS and Intune data attributes

Hello everyone!  I'm currently working on setting up GlobalProtect and having it send appropriate HIP data to the firewall.  I got Windows devices working pretty well, but I'm struggling with iOS devices that are managed by Intune

According to https:

Dynamic DNS Registration Support for Mobile Users—GlobalProtect

Hello -

Has anyone successfully done this with Infoblox?

I followed this https://www.youtube.com/watch?v=a99yioMVREA but it doesn't seem to be getting to the DNS.  Not sure how to troubleshoot.

Globalprotect tries to connect then goes back to 'Connect' button

Having one computer that has issues with the GP client. I have tried GP version 4.8, 5.2, and 6.1 and various means of having them update or refusing to update etc.  I have restarted the computer, uninstalled and deleted app data and Program Files fo

GlobalProtect and Microsoft Intune

What happens if I have a newer version of GlobalProtect and something like InTune tries to install an older version?  Does it just fail?  Does it fail but restart the service?

Cannot connect to Global Protect

I have founded some error when connect to Global Protect.

'the network connection is unreachable or the gateway is unresponsive. check the network connection and reconnect'

I can connect to the internet and another user setting same network can conne

Apple Mac OS X Ventura 13.5.0 + GlobalProtect App 62.0-89 + SAML authentication

  I am authentication through a SAML redirect to Azure and it works perfect with windows users but get this blank pop-up issue when Mac users try to VPN in. I have tried the following advice below with the same results.

https://knowledgebase.paloalto