Global Protect firewall allowed rule
Hi, I'm creating a firewall rule to allow TCP 443/UDP 4501 (Global Protect) to go through the firewall, and I want to know if I need to allow bidirectional for the UDP 4501? Thank you,
Hi, I'm creating a firewall rule to allow TCP 443/UDP 4501 (Global Protect) to go through the firewall, and I want to know if I need to allow bidirectional for the UDP 4501? Thank you,
hi all, Our EU is currently on GlobalProtect 6.1.0 on PA-5250 firewall, we just wondered if this GP 6.1 support Linux Fedora 39? I tried to find any legit resources that would mention this but couldnt find anything helpful. Would like to share the information to our EU, hopefully anyone could help. thanks!
Hello Team, I have configured multiple agent profiles in the GP Portal and I want to verify which agent profile is currently being fetched by individual user, How do i verify that from the firewall or endpoint? Context: I have profile 1 which has a limited set of exception users who have some flexibility to switch the portal to add a new port...
Hello everyone, After upgrading GlobalProtect from 5.x to 6.2.2 users started to complain that GP is connecting automatically after logging in to OS. Agent App configuration hasn't been changed and still is On-demand. There is addressed issue in GP 6.2.1 which should solve this (GPC-18336 - Fixed an issue where the GlobalProtect app got automa...
Hi All, So I have Global Protect running with the HIP license. Our current conditions for HIP connectivity are; 1. Must be Windows 10 or 11, must have Crowdstrike installed and running, must have Zscaler Client Connector installed and running. I have no problems with any of these users. However, we have a very small subset of users on Macb...
Hello Team, Please share link to Download and Install the Global Protect App for Linux CLI version Requesting to share the link at the earliest Thanks & Regards / ramu
I generally try to run macOS beta version to jump ahead of any issues. I've been running macOS Sonoma 14.2 beta (2 and 4, specifically). In my testing, the Global Protect VPN client successfully connects (we're using certificates on in this case) but then fails to pass any traffic. The interface has an IP address, which can be pinging, but no...
Hi all, We've setup SAML / SSO and all works OK , however, when GlobalProtect starts, it automatically connects without asking for any creds. I'm assuming this is a result of the machine being joined to the same domain so the password is not needed. However, I'd like to configure it so that at least an MFA prompt occurs. Connecting on a non j...
I'm trying to figure out if therre's a way to configure GlobalProtect to prompt the end users to accept a logon banner message when they've entered their credentials successfully in the GlobalProtect app. Cisco Anyconnect can accomplish this in the group-policy and it's nice because after a user enters their credentials, they get prompted with a...
Hi Team I'm facing issue with when i connect to VPN then my laptop internet slows down.
Hello everyone, We have two strange errors with Globalprotect (v. 5.2.11) since the update to PANOS 10.2.3-h2:- For internal connections (via tunnel) the connection fails with the event gateway-hip-check with the message "Invalid tunnel end point IP address". - The external portal is suddenly no longer accessible via https but pingable via the...
Env: PRisma Access ; GP Client 6.2.0-89 What variable controls the "finding the best available Gateway" ; We are experiencing anywhere between ~2 to 7 minutes to get connect the gateway? How can we manipulate this algorith to not do this 'Finding best gateway" TIA
Hi everyone, Hoping someone could tell me where I'm going wrong with this. We have recently acquired a secondary ISP line which is connected to our PA's eth1/1 via PPPoE, which includes /28 available IPs. I am looking at moving one of our client's GlobalProtect portal and gateway from our primary ISP line (Which is via static IP) to the seco...
Hello, I'm running out of ideas to tshoot a GP connection problem. I have a user that is in an AD group uservpn (checked on the cli and it's fine). Added this group to Portal and GW configuration and I can't connect. If I live any for the config under user/user group for portal and Gateway it works. I see the user has this group on the CLI but s...
I'm using GP 6.1.2 and GP 5.2.11 respectively in my environment. We are in the midst of upgrading the 5.2.11 to 6.1.2. There is also a need to add/update the portal entry with a new entry.Where is the file that store the portal entry? We are using SCCM to push the GP agent to UAT laptop and would like to push portal entry as well.
| Subject | Likes |
|---|---|
| 2 Likes | |
| 1 Like | |
| 1 Like | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |

