GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

GP example script running as admin

Hi, according to the doc, to run a pre (or post) vpn script can be run as admin using the following: context admin | user I haven't been able to get this working, so I'm guessing I have the variables all wrong. Can someone give me an example of how this would be used in a script? For example my current registry entry works as local user like bel...

Dekkar by L1 Bithead
  • 2614 Views
  • 1 replies
  • 0 Likes

Internet not working after conncted to GlobalProtect. But it is happening only for a particular network provider.

The Internet does not work once the user connects to two particular network providers. The Global Protect is in the pre-logon method and enforced connection. When disconnected from GP with an admin password, the Internet is working.With a working network provider, the internet is working, GP is connected, and the user is able to ping Google and ...

misleading IOS Notification - "Globalprotect Always-On mode is enabled. Please sign in to continue"

We are currently testing Globalprotect for IOS and we are seeing this notification in the phones - "Globalprotect Always-On mode is enabled. Please sign in to continue" Everything is working as expected in our test setup which is on-demand, using Azure SAML for authentication with client certificate - the one thing we don't understand or not m...

RREALICA by L2 Linker
  • 2091 Views
  • 2 replies
  • 0 Likes

Global Protect with PPPoE static IP

I have a static ip on my ISP PPPoE connection, i want to configure a GP with this ISP. I am a bit confused that i don't have the gateway configured on my interface routes how to do it. My PPPoE configuration is user name & Password but my ISP is providing static IP at the backend.

HELP - I have a hacker trying to use SPECIFIC users to get into my VPN service

The pattern is they try nonsense users such as "cisco" and I block their IP they come from, but they always come back. I am getting frequent attempts with various other users, but they seem to come back within an hour of me blocking their IPs.I need a rule that immediately blocks the user, potentially one that could add to a dynamic IP list disc...

Palo RAVPN connection profiles?

Hi, I'm taking my first steps in palo and trying to understand RA VPN configuration. I used to work with cisco devices where i have possibility to create different connection profiles for users and when they connect to vpn they can choose group where they want to connect. Example bellow: I thought i will be able to configure something like that...

obraz_2023-10-06_120323612.png

Resolved! How to Deactivate GP Package on the Firewall

Hello. It is known that GP Portal landing page in the browser can be easily bypassed by replacing login.esp with getsoftwarepage.esp PAN knows this, they do not see it as a security risk, which is nuts if you ask me. Don't mind the ability for someone to run a download loop and eat the bandwith downloading 200MB file infinitelly from multiple ...

Specific browser instead of default browser

Our company maintain SAML Authentication using a specific browser (edge), but it is not my default browser (brave).Each time before starting connection I have to switch default browser to Edge and after successful connection have to restore my default browser settings. Is there any way to specify the browser used for SAML Authentication?

Domino by L0 Member
  • 1851 Views
  • 1 replies
  • 0 Likes

Page to login global protect after connect not appear, and appear error AADSTS50105

By error when I tried to login to global protect, I put an email incorrect, and after when try again to login global protect not show login page, only show page error AADSTS50105. I tried everything like reinstall, delete folder palo alto, delete folder regedit, but get the same error. I want to see the login page to put the correct email. I u...

luisgue by L0 Member
  • 3024 Views
  • 2 replies
  • 0 Likes

SSL Certificate update while GP migration

Hello, I have scheduled all activities for my FW migration from ASA to PA, however I have a question about GP migration. The PA FW has its GP deployed with Public IP x.x.x.6 and gp.domain.com, whereas the ASA has Anyconnect on Public IP x.x.x.5 with asa.domain.com. Both are currently connected to the same ISP; I have disabled Anyconnect, and ...

Resolved! Setting Failed Attempts and Lockout Time

Hello, I would like to set failed attempts and lockout time on my Global Protect auth profile but I do not see where I can set this. The only place I see these settings is in the global profile but I would like to set this only for Global Protect. I am using v 10.2.4-h2 Thanks for any thoughts. MJF

  • 1675 Posts
  • 68 Subscriptions
Top Solution Authors
Labels