Global Protect Azure MFA SAML FIDO Key

Hi,

I configured Global Protect with Azure MFA (SAML).I have set this up as described here: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g0000008U48CAE

Unfortunately I can´t see the FIDO Key in the Login-mask. The other authenti

GlobalProtect Connection Issues in PAN-OS 10.2.7-h3

Hello Friends, 
What troubleshooting steps can I take to address the GlobalProtect connectivity issues, including the "Your GlobalProtect session has been disconnected due to network connectivity issues or session timeouts" notification and the SSL VP

Massive update of GlobalProtecr agents

Best regard

Equipment

Currently in the company we are with the task of updating the GP agent to a more recent version, however, we do not know how much impact there may be on end clients if we update the agent, since they will understand that there a

Can HIP domain use wildcard characters?

May I ask HIP domain can use wildcard characters or not? (Like diagram below)

I read an article that OS cannot use *, but I am not sure whether domain can use wildcard characters or not(just like URL wildcard)

https://knowledgebase.paloaltonetworks.

Get a defined target IP Adress and Subnet via GlobalProtect (PA-460)

I have a target system that I need to access via WebUI. The system is reachable via its IP address 192.168.255.129 with a /24 (255.255.255.0) subnet. Furthermore the system expects a client IP address of 192.168.255.130, any other IP address will

Use HIPS to assign Gateway IP Address for external clients

Hi,

I am looking at how to assign different IP Pool addresses to clients based on a HIPS check.

We are currently achieving this by assigning a different IP Pool to users based on user group membership of an Active Directory group. When the client

VM series Firewall Global protect IP unreachable after rebooting

Hi All,

I'm doing POC on GlobalProtect for one of our customer. As our enviorment is VM series firewall on AWS, we stopped the VM in non-busness hour for costsaving purpose of AWS cloud. But very next day, the Globalprotect servicce IP is not reach

Configure TOTP (Google Authenticator) for GlobalProtect

I have looked at the different support documents and previous discussions but have not gotten much wiser. 

I need to have a handful of users connect to GlobalProtect with TOTP as the second authentication factor. Since the number of users are so low,

Way to dual-boot MacOS without violating encryption requirements for GlobalProtect?

I'm using a 27" i9 iMac running MacOS Monterey 12.7.3 with GlobalProtect VPN 5.2.12–26.

In order to connect with my organization's VPN, GlobalProtect requires my drive be fully encrypted.  Normally that's not an issue, as my default is to do so, with

Global Protect gateway location.

Would anyone know why the gateway connection is from across different regions when the user hasn't travelled? 

macOS Sonoma Terminal Command to disconnect GlobalProtect client?

Is there a terminal command / script that we use in macOS Sonoma to tell GlobalProtect  to disconnect?

The only thing I found to work so far is to kill the entire process which is overkill and not really intended. Thanks!

VPN certificate error, Android versions

Please, I have a problem with the connection through GlobalProtect VPN, for cell phones or tablets with Android version 12 and 13, the error is the following:
"There is a problem with the security certificate. The identity xxxx.xxxx.xxxx.xxxx cannot b

Unstable connection Ubuntu 22.04 GP UI version 6.1.1.0-49

Some users experience problems with the connection - the VPN looks connected but every request ends with a connection timeout until the VPN is restarted.

The VPN looks connected but every request ends with a connection timeout until the VPN connect

Global Protect client unable to browse network shares

I have two windows endpoints that, once the user logs on to Global Protect, are unable to browse network shares.  The connection looks normal and the traffic logs do not show any drops or denies.

We have tested logging on as a different user, but the

Which GlobalProtect VPN IPsec protocols used

I was curious if anyone knew what type of IPSec protocols that GlobalProtect uses when checking the IPSec option? I tried exploring my packets with Wireshark while turning the VPN on, but I haven't been successful in identifying them.