This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Global Protect for IPad auto-connect option partially works

We have around 200 Ipads deployed to our field agents. Our configuration on our global protect portal is to have always-on enabled, so that when a device loses connection, that when connection is restored the vpn would automatically reconnect. my initial tests were with test mobile phones (iphone 12 and a Pixel 8), I rigorously tested these...

GP Update to 6.1 and PAN-OS 10.2.7-h3

Hello,We are planning to upgrade our GP client to 6.1.4. Currently we are running 6.0.7 and the PAN-OS (10.2.7-h3). Since we just recently upgraded our PAN-OS, we do not intend to upgrade to 11.0 anytime soon. My question is; what would be the behavior of the GP client 6.1.4 when we have PAN-OS (10.2.7-h3)? I know with 6.1 the End-user Notificat...

jesteves by L0 Member
  • 1380 Views
  • 1 replies
  • 0 Likes

Resolved! GP Internal Gateway does not work after upgrading to 10.2.7-h3

Our customer has configured internal gateways to retrieve mapping information for users from devices that are not joined to the domain. This was working fine after Firewalls and Panorama were upgraded to 10.2.7-h3. For example, one of the peer's firewalls (Active/Passive) was upgraded and this task was completed without issues around 7:30 PM...

VPN SSO with MFA every time

Hi We have recently purchased a Palo Alto firewall and connect to the VPN using GlobalProtect. For Teams/Sharepoint etc. We use Azure MFA where a push notification comes through to the authenticator app and to get this working on GlobalProtect we had to set up a radius server. The reason we can't use Azure MFA with GlobalProtect is that w...

edmozley by L0 Member
  • 3461 Views
  • 2 replies
  • 0 Likes

Clientless VPN portal and SAML SSO and Application SSO

Hi there, I wanted to check that possibly what I'm trying isn't actually going to work. Had a look around at people with simular issues on LDAP, but I thought using SAML would solve this ... but not! What I'm trying to achieve here is SSO into the VPN portal and then into any applications that use the same SSO method (the method we are using i...

DTGHelp by L0 Member
  • 2272 Views
  • 2 replies
  • 0 Likes

Global Protect users are unable to access SQL database which hosted in Azure

We have a tunnel configured between on-premises PA-5250 and Azure. traffic flows as expected users who are not connected to the global protect can connect to the SQLMS without any issues. However, users who are connected to the GP can't access the SQLMS. traceroute reaches the GP gateway and ends. if we try with the URL the traffic does not re...

GlobalProtect ver6.1.4 on IPhone IOS 15

Hi, I am trying to use GloblaProtect 6.1.4 on IPhone IOS 15, I am able to open the portal successfully but when I try to connect using the gateway I get an error says "Gateway external_gateway: could not connect to gateway, the device or feature requires a globalpretct subscription license. note: I have installed the chain certificate provid...

Resolved! Palo Alto with Azure SAML issue

Hi all, I have configured all the required basic SAML configurations in Azure, and assigned a few test AD users to GlobalProtect enterprise application. Also configured those required settings on the Palo Alto end where I import the XML cert, create an authentication profile, and assign the profile to both my gateway and portal. You can refer to...

KevinNg_3-1710232179173.png
KevinNg_0-1710231902791.png
KevinNg_1-1710232073112.png
KevinNg_2-1710232093067.png
Kevin-Ng by L2 Linker
  • 7791 Views
  • 9 replies
  • 0 Likes

Global Protect Pre-Logon followed by SAML SSO

Hi Guys, I have implemented global protect with pre-logon (device certificate) followed by user logon using SAML (Azure AD as SAML IDP)When global protect client initiate the user authentication below windows security pop up asking to confirm the certificate.After confirming the certificate it connects fine and every time user reboot same pop up...

NamalW_0-1599546178555.png
Namalw by L1 Bithead
  • 12412 Views
  • 8 replies
  • 0 Likes

GP Portal logs showing local password guessing attempts even though I'm using Azure IdP. Should I be concerned?

I have our portal set up to use Azure for logon, and it's been working great. Lately I'm seeing many of these attempts in the system logs: 1. saml-client-redirect, "Client '95.164.0.25' redirected to 'https://login.microsoftonline.com/xxxxxxxxx/saml2' for authentication profile "Azure" 2. auth-fail, Failed authentication for user 'lakiesha'. R...

Maxstr by L1 Bithead
  • 1166 Views
  • 0 replies
  • 0 Likes

IdP initiated GlobalProtect VPN login

I'm in the process of configuring Duo SSO for GlobalProtect authentication. It's all working great when logging in through the GP application. However, both the Duo and Entra how-to guides mention that you can initiate the login through their portal (IdP or SP initiated login). However, when I try it though the Duo Central portal, it just logs m...

  • 2062 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks