GlobalProtect doesn't upgrade transparently.

In Prisma Access Mobile User, the user GP version was distributed as 6.2.0. However, due to an issue, I needed to upgrade to 6.2.3, so I set upgrade globalprotect to allow transparently in the app settings. However, there was no change for 6.2.0 user

Vulnerability Protection for CVE-2024-3400

TL;DR: ensure you are applying Vulnerability Protection to web-browsing traffic hitting your GP portal interface, if you rely on the intrazone-default allow

I was responding to another case of this flu. Even though the best-practice strict VP profi

GP Agent Machine Certificate Check

Hello,

I am trying to find out more information about a GP portal setting called Machine Certificate Check under Portal Configuration / Agent / Agent Config / Config Selection Criteria / Device Checks. I was hoping to use a machine certificate chec

browser certificate prompt when trying to connect with Gp portal

the scenario

NDES server

SCEP certificate profile intune

auto enrolled windows 11 machine with business hello configured

our setup is look for certificates in the machine store and specific OID (registry setting and PA end)

when trying to connect

Unauthorized GP login attempts

Hi All – Just curious on when to get concerned about unauthorized GP login attempts. I’ve had a person from the RU making login attempts on our GP for about a year now. I speculate they are new at this, after a while they learned how to mask the ‘HOS

Duo two factor authentication challenge message not showing in GP Portal

After migrating to PA-1410 from a PA-3200, the Duo 2-FA challenge message stopped showing up on the GP portal page after the initial AD credentials authentication. The functionality is working fine as the textbox for the 2-FA options shows up and pro

Globalprotect - machine/device cert for Portal and Gateway "certificate profiles" - how to best distribute

I have successfully configured a working POC for exactly how I want our users to connect to Globalprotect.

We have a SAML authentication profile configured for both the Portal and Gateway each each with the same certificate profile configured. 

I

IOS and Globalprotect using Multifactor authenticator

We are facing a problem on IOS devices related to globalprotect using Multifactor Authenticator with Azure. We tried forming a certificate chain a root certificate and an intermediate certificate.

We added to the root certificate an extra attribute w

SAML authentication - How to avoud the "Open GlobalProtect ..." popup ?

Hi all,

I recently integrated Azure MFA via SAML with GlobalProtect and it works flawless. The only little issue is a popup that always appears whenever the authentication process is about to be completed. I guess this is the browser communicating wi

GlobalProtect software versioning numbers do not make sense to me

Hello - new to the GlobalProtect VPN client.    We are in the processing of beginning to roll out the GP VPN client via GPO to our user base.  I occasionally receive emails from Palo stating that a new version of GP VPN client is available, but when

Global protect upgrade to 6.2.0-89 having disconnection issue

I want ask if anyone face issue with below error after upgrading global protect to 6.2.0-89?

"The network connection is unreachable, or the gateway is unresponsive. Check the network connection and reconnect"

Before upgrade it works fine and no any