GlobalProtect Discussions | Palo Alto Networks

Resolved! Use Rest API (10.1) to terminate user from VPN

Does Rest API (10.1) support terminating a user from the VPN? I know this can be done in XML API but I am not seeing the commands I am looking for available in /restapi-doc.

Ideally, I could connect to Panorama and terminate both Prisma SASE mobil

...

Resolved! Login Windows non stop popup when VPN is not connected.

Hi,

Currently have GlobalProtect 6.1.1-6 installed by my IT department on my work laptop.

When I'm at work, I obviously don't need to be connected to the VPN. The problem I have is that I get a Login window popup every 20-30min or so. The window

...

SAML SSO not working with global protect

Hello All

we have issues with global Protect with MACOS for SAML SSO authentication.

anybody make it work SSO for MACOS with azure AD SAML authentication ?

its working for Microsoft application not for global protect .

Thanks

Global Protect Issue

Hello All,

Hope you all are doing well.

We are using global protect 5.2.14. Most of the users are connecting successfully but some of the users are facing frequently no internet connection or gateway is unreachable even i tested those users in ot

...

How to configure VPN and Certificates to cut VPN access when the Certificate is revoked.

Hello team,

I need to know How to configure VPN and Certificates to cut VPN access when the Certificate is revoked.

I have revoked a certificate I am using on my GlobalProtect connection and the connections are working fine, I need to cut this co

...

Global Protect cert based authentication.

I've got a machine certificate for pre-logon, and that seems to work great, I can see that I am connected to my VPN from the login screen. But what I have noticed is that when I log into Windows, my username ends up being 'first_name last_name', whi

...

GlobalProtect authentication behaviour when Encrypt/Decrypt cookie for authentication override expires

Hello.

I am looking for some enlightenment as to what happens or should happen when the certificate used to encrypt/decrypt the authentication cookie presented by the GP Portal expires.

My assumption based on real world experience shows users are

...

Global Protect default inbuilt free license VM-100

Dear Team,

I want to know default inbuilt free license keys available in VM-100

Can any once help on this.

GlobalPortect Pre-logon (Always On) with certificate authentication only

Hi There

Does anybody know, if it's possible to configure GlobalProtect to use a machine certificate for the pre-logon authentication and just a user certificate for the user authentication?

For me it looks like, that this won't work.

As soon as I am

...

Global Protect still prompting users to downgrade from 6.x to 5.x (macOS)

Hi. We've had multiple employees complain of being prompted to downgrade from one incremental version of 5 to another and I had assumed that the prompts would stop once everyone upgraded to version 6, but they are still getting the prompts. We are al

...

Do we need Admin right to downgrade Global Protect Client ?

Do we need Admin right to downgrade Global Protect Client manually ?

Resolved! Global Protect Drops Connection Easily

I observe that Global Protect drops connections while other apps are not. What thresholds need to be exceeded for Global Protect to give up and drop? I would like to consider how to improve network or end point factors to limit the frequency of Glob

...

Resolved! Traversing Site-To-Site Tunnel via GlobalProtect

Hi everyone,

See if you can give me some insight here as I've exhausted all my options.

Scenario

I have a client who has two branch offices, each one with a PA-440 installed. Both these PAs are linked together via IPSec tunnel. I can confirm that

...

GP MFA Authentication Notifications Non-browser-based applications

Hi,

I try to configure a MFA notification, so the GP app will trigger a pop up message to authenticate with a radius server.

Here the config guide:

https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-user-authentica

...

Global Protect using Duo v2 Multi Factor Authentication profile

Hello,

I configured everything concering Global Protect and Duo MFA. But I get those errors:

This is for Captive Portal Authentication

This is for Global Protect Authentication:

I used for Portal and Gw of GP same CA self-signed cert (it is v

...

Discussions

Resolved! Use Rest API (10.1) to terminate user from VPN

Resolved! Login Windows non stop popup when VPN is not connected.

SAML SSO not working with global protect

Global Protect Issue

How to configure VPN and Certificates to cut VPN access when the Certificate is revoked.

Global Protect cert based authentication.

GlobalProtect authentication behaviour when Encrypt/Decrypt cookie for authentication override expires

Global Protect default inbuilt free license VM-100

GlobalPortect Pre-logon (Always On) with certificate authentication only

Global Protect still prompting users to downgrade from 6.x to 5.x (macOS)

Do we need Admin right to downgrade Global Protect Client ?

Resolved! Global Protect Drops Connection Easily

Resolved! Traversing Site-To-Site Tunnel via GlobalProtect

GP MFA Authentication Notifications Non-browser-based applications

Global Protect using Duo v2 Multi Factor Authentication profile

If I upgrade the Global Protect software on the firewall, will the old clients be able to connect?

Use Auto-Tagging to block failed Global Protect login attempts

Unable to connect to VPN with iPhone Personal Hotspot

FIDO2 support for GlobalProtect client

Radius Auth VIA management?

Re: Incorrect Parameter

Re: GlobalProtect and CPU usage

Re: macOS 15 Seqiuoa

Re: GlobalProtect and CPU usage

Re: If I upgrade the Global Protect software on the firewall, will the old clients be able to connect?

Unlock your full community experience!

Resolved! Use Rest API (10.1) to terminate user from VPN

Resolved! Login Windows non stop popup when VPN is not connected.

Resolved! Global Protect Drops Connection Easily

Resolved! Traversing Site-To-Site Tunnel via GlobalProtect