This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Verifying Pre-Logon or User Logged into GP Remotely.

We have some Windows machines on GP that connect via a pre-logon tunnel which then fully connects when the user logs in. We would like to target machines for a specific package installation push only when the VPN is fully connected (i.e. not connected via pre-logon, but an actual authenticated user). My question is, are there any checks that c...

Global Protect not working with MacOS Sonoma

Hello folks, i have a massive issue with GLobalProtect since the MacOS Sonoma Upgrade. It does not connect to the VPN Service. It tries to connect for a minute or so, but than it just says it can not. I don't even get to the part to insert a user or password. I checked to official website, and the client my company is using is 6.0.7-372, ...

Raphael_0-1701168080764.png
Raphael by L0 Member
  • 18880 Views
  • 7 replies
  • 1 Likes

Global Protect Captive Portal allowing defender to see other devices on network

Hi, Our security team is seeing Windows defender able to probe guest wifi at hotels and see other devices like phones and laptops on the network, until Global Protect can finally connects to one of our gateways. They want the network restricted to just the captive portal for the hotel until connected to a gateway. Anyone know what can be restr...

Resolved! Prisma Access Security policy enforcement

So I was looking at prisma access content and came across this: If traffic is initiated from a service connection and bound for a mobile user or a remote network, Prisma Access cannot restrict the traffic. The traffic hits no security-enforcement point, because the RN-SPN and MU-SPNs enforce Security policy only on sessions ingressing into Prism...

global protect whoami

Hello, I am seeing a weird activity from globalprotect agents where the agent is trying to execute wa3_3rd_party_host.32.exe and the agent after that is executing whoami command. PS: the HIP policy is disabled on the firewall

BARaha by L0 Member
  • 1128 Views
  • 1 replies
  • 0 Likes

Resolved! Does Global Protect RADIUS support Message Authentication? (to mitigate BlastRADIUS 9/10 CVSS vulnerability )

Does the Global Protect RADIUS implementation support Messaging Authentication? If not, how quickly will a hotfix to patch this vulnerable implementation of RADIUS be released? Background info: When configuring Global Protect we used RADIUS to integrate RSA Secure ID as a second factor to LDAP, to ensure it took more than just a password to ...

mmason by L1 Bithead
  • 6873 Views
  • 6 replies
  • 0 Likes

Consuming user group in GlobalProtect SAML Authentication

A bit of background: We are an all-Google G Suite company. We do not have internal LDAP servers. Everyone auths to Google. We are using PA 3060s as our firewalls and VPN systems. We are getting ready to turn on SAML authentication for GlobalProtect. We are using Google as our IdP. I've gotten it working, but I want to make policy decisions based...

Intune with IOS and Global Protect, utilizing certificate-based authentication troubles.

We have been trying to migrate a client from Airwatch to Intune for MDM management. Part of this deployment was implementing certificate-based authentication for their Global Protect VPN client. We have been successful with Windows, and Android. However, we have not been able to get MacOS, iPadOs, or IOS to work successfully. all the Error logs...

Global protect: separate vendors and employees

Setup: We have one GP portal and one gateway currently, used by employees and vendors. All GP users are authenticated with Entra and Duo MFA. We are using a public cert. for the FQDN and a single IP in the current setup. Vendors are assigned to a different subnet than employees when connecting to GP. Change: We want to use the Entra authentica...

ChuckW by L1 Bithead
  • 1429 Views
  • 2 replies
  • 0 Likes

Resolved! Require serial number match?

We are running 10.2.2 w/ GP 6.0.3 and I am unable to figure out how to have my serial number (discovered via HIP) be required to match what is in AD. Could someone please show me which way to go? Support and my sales engineer have been unable to assist. Thank you, Andy

AProwant by L0 Member
  • 6963 Views
  • 3 replies
  • 0 Likes

Global Protect redirects to app authentication and not SAML Authentication

Good Day community Looking for some advise and guidance. we are running into an issue where we have random users trying to connect to Global Protect experiencing issues where they are not redirected to the SAML authentication page, but rather the imbedded authentication of the application itself. The user either needs to stop the services ...

mariuse by L1 Bithead
  • 4052 Views
  • 7 replies
  • 0 Likes

Global protect VPN disconnecting multiple times

Has anyone experienced the same issue as me? From what I've noticed, GlobalProtect VPN has disconnected multiple times, mostly for Microsoft Windows 10 Homemodel: PA-850sw-version: 9.0.9-h1global-protect-client-package-version: 6.0.5Example -- PanGPS.log --(P5752-T19644)Info ( 246): 02/17/23 22:50:42:026 HipCheckThread: got check hip event or ti...

  • 2062 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks