User-ID for GP policies

Hi All,

How would I get a list of users that login to GP in order to select the users for security policies. I want to be able to create individual security policies for an individual GP user, in order to manage internal access for that individual

Disconnect GlobalProtect Users at Specific Time

Is there an easy way to schedule GlobalProtect users to disconnect at a specific time of day?  Not looking for idle session timeout. 

After installing Global Protect - don't have a connect box

I install Global Protect but there isn't a Global Protect Connect to use. Nothing is installed except log C:\Program Files\Palo Alto Networks\GlobalProtect directory   The registry is also wanting.

Please see all attach files and screenshots. Look fo

Global Protect - Prevent RDP from one server to onther

Dear All,

Is it possible to use Global Protect to prevent users who have already logged in via RDP from jumping to or connecting to another server?

Thanks

How to Configure a frame-ancestors response header with a list specifying (Global Protect portal)

Hello
I am reviewing that GlobalProtect (vpn.xxxxxx.com and remote.xxxxxx.com) are vulnerable as they do not have a frame-ancestors response header configured.

I want to configure a frame-ancestors response header with a list specifying which URLs can

Upgrading Global Protect

Hello,

Looking to upgrade our GP from version 6.0.5 to 6.0.8. Is there a step-by-step reference I can use to help me in the upgrade process? Thank you in advance. 

Global Protect update - no auto-reconnect with transparent update

Hello,

To make the next update to GP as easy as possible for users, we would like to see an automatic reconnect.  

At the moment, the actual upgrade works fine to 5.1.9, but requires manual intervention at the end by clicking on the "connect" button a

Hide Global Protect redirection

Hello team

We have already hidden the global protect pages so that our users can only access through the client, however, we have detected that when we type the ULR or IP in a browser there is an automatic redirect that adds /global-protect/login.esp

Global Protect and ISE integration

Hello,

I want to make an integration of Palo Alto and Cisco ISE in these terms:
1. Global Protect users can be authenticated using Cisco ISE
2. There are some dynamic ACLs that define access rights for certain group of users, so the customer would like

Global Protect and Azure SAML

Hi All

PA-VM running 11.0.02

Global Protect 6.2.0

After some advise/suggestions

We are rolling out Global Protect for the first time and getting some strange results

Portal and Gateway Configured to use Azure SAML in addition to this I have follo

TunnelVision Vulnerability on Prisma Access via GlobalProtect Agent?

https://security.paloaltonetworks.com/CVE-2024-3661

The advisory states Prisma Access is unaffected by the TunnelVision vulnerability. However, to use Prisma Access, it must be done through the GlobalProtect agent itself.

I looked at my GlobalPro

Deploying GlobalProtect to iOS devices via (Airwatch, Meraki, MDM)

Hi,

We're looking at deploying GlobalProtect to 1000+ iOS devices and wondered if there was anyone out there that could share their experiences and provide some insights.

Using our MDM tool (Meraki and Airwatch), I'd like to push out the GlobalPr

Clientless VPN only shows the top application in the stack

We're trying to setup Clientless VPN for the first time and we've run into an issue where the portal site only shows the top application in the config stack.

GlobalProtect > Portals > Clientless VPN > Applications.

They all seem to work when you

Client cert usage check failed

I am testing client auth using certificates and the certificate is not being retrieved from the User store. It's Windows 11. The PanGPA.log file shows this error:

(P23516-T9764)Debug(2744): 06/08/24 11:07:10:562 box return Valid client certificate