This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Resolved! Failed GlobalProtect login confusion

We're experiencing a very slow "brute force" login to our VPN but I'm having issues understanding how they're trying to log in. We currently use okta. None of their failed attempts are showing up in okta but they are showing up in the GlobalProtect monitoring tab of the firewall. Where could they be trying to log in (and failing) to make these...

Untitled.png

The virtual adapter was not set up correctly due to a delay - Keeps returning

Hi all, we have been troubled with this issue for the past few years, and have never been able to completely get rid of it. Every week we get a few machines with the error and have to uninstall, delete the Wbem repository, reinstall which will fix it for an unknown period of time. This week I had a machine do it 3 days in a row, and the issu...

Dekkar by L1 Bithead
  • 2615 Views
  • 1 replies
  • 0 Likes

GP Settings

I would like to limit the number of VPN sessions as 1 a user can connect to. For example, if I have already connected VPN from laptop A and attempt to connect VPN from laptop B, I want to block connection or terminate existing connection. Is it possible to do this? Regards, Sanjay S

Understanding pre-logon logs

I'm trying to understand the global protect logs I am seeing. I see bad actors from various countries trying to brute force username/passwords. I always see 2 logs per attempt. 1 Portal-auth Login Failure, and 1 portal-prelogin before-login success. Prelogin should be setup to require a cert so I'm not sure why it's saying portal-prelogi...

Verac22_0-1726172808735.png
Verac22 by L2 Linker
  • 1105 Views
  • 0 replies
  • 0 Likes

Resolved! GlobalProtect On-Demand using authentication profile and user certificate from PKI on gateway

I'm trying to setup a GlobalProtect On-Demand environment.The portal uses an LDAP server profile for authentication and has been validated to be working fine.I intend to configure the gateway to use a combination of RADIUS and certificate profile to authenticate. I've confirmed that authentication works without the certificate profile.My underst...

DelvinC by L2 Linker
  • 7088 Views
  • 6 replies
  • 0 Likes

Verifying Pre-Logon or User Logged into GP Remotely.

We have some Windows machines on GP that connect via a pre-logon tunnel which then fully connects when the user logs in. We would like to target machines for a specific package installation push only when the VPN is fully connected (i.e. not connected via pre-logon, but an actual authenticated user). My question is, are there any checks that c...

Global Protect not working with MacOS Sonoma

Hello folks, i have a massive issue with GLobalProtect since the MacOS Sonoma Upgrade. It does not connect to the VPN Service. It tries to connect for a minute or so, but than it just says it can not. I don't even get to the part to insert a user or password. I checked to official website, and the client my company is using is 6.0.7-372, ...

Raphael_0-1701168080764.png
Raphael by L0 Member
  • 19077 Views
  • 7 replies
  • 1 Likes

Global Protect Captive Portal allowing defender to see other devices on network

Hi, Our security team is seeing Windows defender able to probe guest wifi at hotels and see other devices like phones and laptops on the network, until Global Protect can finally connects to one of our gateways. They want the network restricted to just the captive portal for the hotel until connected to a gateway. Anyone know what can be restr...

Resolved! Prisma Access Security policy enforcement

So I was looking at prisma access content and came across this: If traffic is initiated from a service connection and bound for a mobile user or a remote network, Prisma Access cannot restrict the traffic. The traffic hits no security-enforcement point, because the RN-SPN and MU-SPNs enforce Security policy only on sessions ingressing into Prism...

global protect whoami

Hello, I am seeing a weird activity from globalprotect agents where the agent is trying to execute wa3_3rd_party_host.32.exe and the agent after that is executing whoami command. PS: the HIP policy is disabled on the firewall

BARaha by L0 Member
  • 1153 Views
  • 1 replies
  • 0 Likes

Resolved! Does Global Protect RADIUS support Message Authentication? (to mitigate BlastRADIUS 9/10 CVSS vulnerability )

Does the Global Protect RADIUS implementation support Messaging Authentication? If not, how quickly will a hotfix to patch this vulnerable implementation of RADIUS be released? Background info: When configuring Global Protect we used RADIUS to integrate RSA Secure ID as a second factor to LDAP, to ensure it took more than just a password to ...

mmason by L1 Bithead
  • 7021 Views
  • 6 replies
  • 0 Likes
  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks