GlobalProtect Discussions | Palo Alto Networks

Resolved! Internal gateway... how to share user information?

Hi, if i have a couple of internal gateways (A B C) deployed. When an user authenticated successfully to A, the firewall will get its user-id "xxxx@yyy.com"... how do i share this user-id info to gateway B and C, so that they will be able to map IP -...

Resolved! Allow specified fqdn when Enforce GlobalProtect Connection for Network

Does this work on local GP firewalls? Anyone using it? Allow traffic to specified fqdn when Enforce GlobalProtect Connection for Network Access is enabled and GlobalProtect Connection is not established

GlobalProtect could not connect - socket error 10047

Hi,I got two computers that have installed agent GP 5072 and are connected to the same home network. The first one with win10 has no issues in connecting. The second one mounts win7 and its connection always fails with error "Could not connect to the...

Frequent disconnects 15-20mins

Hello All, I have 1 particular user who is experiencing frequent network loss. Any ideas on what might be the cause. We have tried using his LAN and also mobile hotpot but the same issues prevails. the and excerpt from his logs shows: 07/07/20 09:07:...

GlobalProtect User REport

hi everyone ,i need help with small issue, is there any way to find list of users that never connect ?i can generate report for last login , but if the user never connect it will not show.when corona started we created users for all employes (local u...

SAML with ADFS and GP

Hi EveryoneWe are currently using GP with LDAP as an authentication method. This works like charm.Now, we want to start using the AZURE MFA option that we have configured on our ADFS servers.I’ve managed to setup the SAML between the ADFS servers (20...

How to run GlobalProtect with more profiles in a batch (CMD) on Windows 10

Hello Everybody,I have several Customers who use GlobalProtect to connect to their VPN. So I have configured different profiles in my GP client. I can run GP, select the right profile, type in username and password and everything works fine!I would l...

Prelogon PC not showing in Gateway Remote Users

I'm trying to set-up GlobalProtect PreLogon using this guide: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEYCA0 It only seems to be working if I logon to the PC and sign in with an account. If I logout the connection i...

Resolved! GlobalProtect - Renew Certs and Upgrade Clients for remote user in production

Current CA and Device Certs need to be renewed. GP client software updated. Can someone tell me how folks are doing this if they need an active GP VPN connection to deploy to the clients in the first place? We do not use Portal. - and Users cannot in...

Global Protect Agent - End User Visibility of HIP/Posture check errors

In previous versions of the GP Agent you were able to click on a HIP/Posture check connection error and see the root error (AV out of date/Disks not encrypted etc) In the later releases of the Agent this facility disappeared and you have to search th...

Securely authenticating GlobalProtect mobile users against Office 365

We posted a training video explaining how to securely set up SAML authentication with GlobalProtect end-to-end against Office 365 Azure AD. At 29:35 it shows how to enable "Validate Identity Provider Certificate" and fix the commit error "Validate Id...

Resolved! Cert profile and SAML to Azure with GP Gateway Machine Cert Possible?

Is it possible to use a Certificate Profile to verify a machine on your GP Gateway, all while using SAML authentication to Azure? SAML to our Azure instance works great for us now, but does the firewall use the certificate profile only as a 'pre-logo...

Is it possbile to use an EDL in GW split tunnel config?

Hey guys, As the title suggests; is it possible to use an EDL in split-tunnel config? I'd like to be able to use Minemeld to grab Office 365 IPs & URLs. Thanks in advance

GlobalProtect intrazone access

Is it possible to create a rule to allow certain intrazone traffic for GlobalProtect clients. E.g. so that client1 on GP can ping client2s GP interface. I tried creating a specific rule that would allow traffic from GlobalProtect security zone to Glo...

Glass magnifier detail info needed for HIP Match, Log Detail

Hi, I am looking to see if there is a way to export or report the details info that glass magnifier provides when click on HIP Match, Log Detail in the glass magnifier column. The HIP Match columns do provide basic info such as: pc name, user name, d...

Discussions

Resolved! Internal gateway... how to share user information?

Resolved! Allow specified fqdn when Enforce GlobalProtect Connection for Network

GlobalProtect could not connect - socket error 10047

Frequent disconnects 15-20mins

GlobalProtect User REport

SAML with ADFS and GP

How to run GlobalProtect with more profiles in a batch (CMD) on Windows 10

Prelogon PC not showing in Gateway Remote Users

Resolved! GlobalProtect - Renew Certs and Upgrade Clients for remote user in production

Global Protect Agent - End User Visibility of HIP/Posture check errors

Securely authenticating GlobalProtect mobile users against Office 365

Resolved! Cert profile and SAML to Azure with GP Gateway Machine Cert Possible?

Is it possbile to use an EDL in GW split tunnel config?

GlobalProtect intrazone access

Glass magnifier detail info needed for HIP Match, Log Detail

Incorrect GlobalProtect Version reported in GlobalProtect Monitor

How do you view IP Pool utilization to verify there's never more demand than available?

Global Protect Cookie Expired Log Messages But Not Using Cookie Auth

GlobalProtect doesn't upgrade

global protect timeout increase through Panorama CLI

Re: GP IPsec tunnel always falling back to SSL

Re: GlobalProtect keeps re-authenticating automatically

Re: GP IPsec tunnel always falling back to SSL

Re: Split Tunnel by Domain Name is not working

Re: Incorrect GlobalProtect Version reported in GlobalProtect Monitor

Network Security

Cloud Security

Security Operations

Resolved! Internal gateway... how to share user information?

Resolved! Allow specified fqdn when Enforce GlobalProtect Connection for Network

Resolved! GlobalProtect - Renew Certs and Upgrade Clients for remote user in production

Resolved! Cert profile and SAML to Azure with GP Gateway Machine Cert Possible?