This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

GlobalProtect client verison branches

Can anyone explain the different branch version for GlobalProtect? There are currently five different branches available for Win64 - 5.1, 6.0, 6.1, 6.2 and 6.3 - with two different 'preferred' versions (6.1.4, 6.2.3). The branches seem unrelated to other branches. What's the reason for this? Why not one branch with incremental updates?

GP - Pre-Login

Hi All, I have a GP Portal with a few different agent configurations. Depending on the user's AD group, they may have different settings. Current setup for all agent configs is Always-On. I want to enable pre-logon(always on) for a specific use case without impacting all the other users. What's the best way to go about this? If I were cre...

Global protect gateway

Bonjour, Pour accéder aux ressources internes il faut configurer un portail sur global protect. Le portail nous permettra de nous connecter à la passerelle. Pour monter un tunnel ipsec, il faut d'abord se connecter à une passerelle qui se trouve dans le cloud prisma (la passerelle la plus proche de votre localisation) quelle IP doit on renseigne...

Sarou22 by L2 Linker
  • 923 Views
  • 0 replies
  • 0 Likes

Testing 2FA with requiring device certificate and password

Hello All, We currently only require Password or certificate when using global protect. We already have device certificates deployed using PKI on our domain computers. My question is where do I apply this policy for testing? I notice under client authentication you can have multiple profiles that require password and/or password authentication...

MNoble by L2 Linker
  • 1120 Views
  • 1 replies
  • 0 Likes

GlobalProtect Client Log Dump Format

Hi,I would like to parse and correlate multiple .log files from GP log dump.Example log from PanGPS.log (P5200-T7744)Debug(1916): 05/16/22 12:47:28:106 Send response to client for request hip-ack │(P5200-T7744)Dump (11923): 05/16/22 12:47:28:106 Set m_bPreviousSwitchOffMsg to 0 Do you know what are the types/meaning of the fields?Thank you

Globalprotect Self Signed certificate with Chrome

Hi, Starting from one or two month ago, maybe after a Chrome update, I'm unable to open the globalprotect login page on my firewall with Google Chrome. It doesn't depends on the client OS, it happens wth Google Chrome (all other browser are working fine). The error I get is "ERR_SSL_KEY_USAGE_INCOMPATIBLE". The certificate is generated by the fi...

Resolved! Global Protect two MFA prompts for Portal and Gateway

Hello, I'm trying to understand the difference between 'Generate cookie for authentication override' and 'Accept cookie for authentication override' on both portals and gateways. I went through all the official guides but still can't seem to understand. Suppose we have MFA set up for both the portal and the gateway. Every time someone tries to...

vsurresh by L1 Bithead
  • 4411 Views
  • 3 replies
  • 0 Likes

Global Protect 6.2.3 opening 2 Sign-in tabs for SAML

Hello all, Curious to see if anyone else is running into this issue. Please note this is different then the 2 tabs that would open after completing authentication via SAML on the global protect client. I had ran into that issue before, but that was easily fixed when enabling cookies and enabling "Use default browser for SAML Auth". All was wor...

RollandDavis_0-1718307906708.png
RollandDavis_1-1718308025344.png

Prelogon users connected to Userlogon Gateway

I'm working on a Global Protect Setup with the following. A single Portal that leads to 2 Gateways one for prelogon users and then the second for users that have signed into their machines. The tunnel renames itself when the user logs into their machine. However it seems the prelogon user is staying connected to the second gateway after the user...

NetFox by L0 Member
  • 1209 Views
  • 1 replies
  • 0 Likes

PANGP virtual ethernet adapter disables

I noticed that the PANGP virtual ethernet adapter disables when Global Protect VPN is not running. Once I launch Global Connect VPN and complete the connection, PANGP virtual ethernet adapter becomes enabled. Is this normal? I discovered this after finding the PANGP virtual ethernet adapter disabled whenever I opened the device manager on my ...

Resolved! Issues with GlobalProtect 6.3.0

After upgrade to 6.3.0 i am unable to login to GP from 2 different portals and gateways. on first attempt got the browser page and the Okta authentication successful. then another login window popped up but blank and gray and client popup says connecting for the past 15 minutes. With 6.1.4 the second window i had to perform a second login proces...

Resolved! Bitdefender GlobalProtect HIP check - where does GP get data from?

Hello, I'm trying to determine the root cause when Bitdefender Endpoint Security Tools fails an update, Global Protect will reject our HIP check due to Engine Version, and Malware Definition Version showing as blank, and Malware Definition Date becomes 01/01/1970. As we're connected full tunnel, when the HIP fails thus all internet is blocked a...

Resolved! Problem with GlobalProtect 6.2.3, embedded browser, SAML and high resolution devices on Windows

We are facing issues with newer Windows laptops with a high resolution. When users establish the VPN tunnel from the Windows 10 login screen, the embedded browser performs the Azure/SAML authentication, with the problem that the scaling for the SAML authentication in the browser is way off, to the point where it's unusable. Does anyone know this...

enderfra by L0 Member
  • 4545 Views
  • 2 replies
  • 0 Likes
  • 2062 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks