IdP initiated GlobalProtect VPN login

I'm in the process of configuring Duo SSO for GlobalProtect authentication. It's all working great when logging in through the GP application. However, both the Duo and Entra how-to guides mention that you can initiate the login through their portal

Global Protect App for Surface Pro 9 - Chip SQ3

Pleas help me about setup GP app for Surface Pro 9 SQ3 - ARM64. GP app notify The Service is not running!

Associate user credentials with a given portal

I'm a consultant working for multiple companies that use Global Protect.

At the moment during the day I have to disconnect and connect multiple times a day to these companies and each time I do this I have to re-enter the user/password then click con

How to best use HIP checks to force current MacOS releases

Hello,

What's the best way to create a HIP check to enforce current versions of MacOS? Prisma Access / Strata UI has some built in version values but it only goes up to MacOS 14.1. 

We're looking to create a rule to enforce current 13.x and 14.x

Remove Remote User from Global Protect using XML API

I am trying to remove remote users from Global Protect using XML API.  I have attempted to remove a user from both the Gateway and the Portal but I have not been successful.

This is the command I am using to remove the user from the Gateway:

(Secti

GlobalProtect with Radius Authentication

Hello,

Is it possible to connect to GlobalProtect using EAP-TTLS with PAP authentication?

I am using OneGate as our RADIUS server.

GlobalProtect sign out or logoff is not showing to users.

Hi,

I have number of users that needs to sign out from their account and connect GP with their second account.

The options of sign out or logoff for user is not showing at GP client.

we are using client 5.2.11 and did also testing with 5.2.12 and 6

Dictionary Attack On VPN

We have been having unknown person(s) been attacking our firewall for the past few weeks with a Dictionary Attack. They even went the length of finding one of out IT staff on Linkedin and try to get his Globalprotect Login.  

Luckily they have not

HIP Mobile not detect s/n use host id instead

Hi Expert  ,

I found issue about not able to detect hip info serial number  for mobile device is showing host id instead  I'm not sure about is should be show like this kb : How to Check the Information for a Mobile Device in the GP-100 - Knowledge

GlobalProtect Deployment For Dummies

Greetings all,

  we are migrating from Checkpoint to Palo Alto and will be moving to the GlobalProtect Solution for our remote employees.  I have never deployed GlobalProtect and wanted to see if there were any recommendations on where to start and i

Need monitoring alert for ip pool exhuasted

Hello Team,

Recently, we faced the GP issue, and we found it was due to the IP pool being exceeded.

We want to setup alert monitoring, so if the pool gets 90% of its IP's, then we should get an alert so we can extend the IP pool's.

Please provide t

Global Protect Configuration

Hello,

We have configured Global Protect on VM-300. We are in the testing phase and would like to test replacing Ivanti Connect Secure with Global Protect. Ivanti Connect Secure uses realm and user role mapping to realm to all access to different res

GlobelProtect portal started failing authentications, was fine this morning

Our normal firewall guy is out on extended leave starting last Friday, and I am pretty much a neophyte with this system. 

Here's what I've got.  We've got 2 portals as follows portalA.ourdomain.com and portalB.ourdomain.com.  They were both working f

What does it mean Stage and Event GlobalProtect Fields?

Dear, we are doing a large and hard troubleshooting to forensic analysis into our company, so we need know more information about the "GlobalProtect Stages and Events columns Logs Monitor".

Example: what it means the stages: before-login, tunnel, host