slow boot time-20min with Global protect VPN always on + DUO MFA

The client system takes 20min with a warm reboot for the below configuration. 
PANoS 10.1.6

GP OS: 6.0.5

Client System: Windows10

MFA: DUO 

This issue started with DUO only, we have another gateway in the same firewall no issue with Kerberos auth. 

Problems with Global Protect customers and Azure

Hello,

I need help with the following problem with my Global Protect users, the problems are random and once the user is able to log in, the problem does not reproduce until after 24 hours.

The casuistry is that we enter an Azure account, we enter th

Many laptop not get internal corporate network while connect to internal network.

Many laptop not get internal corporate network while connect to internal network. What the cause and how to fix it. 

[SOLVED] GlobalProtect 6.2.0-89 - blinking tray icon in internal network

SOLUTION:

Update to 6.2.1-132. Killed the visual bug for us and worked like always without any issues.

-------------------------------------

UPDATE:

Looks like PAN released 6.2.1 in the night from Monday to Tuesday (20:21 CEST). Release Notes are pro

Specific browser instead of default browser

Our company maintain SAML Authentication using a specific browser (edge), but it is not my default browser (brave).
Each time before starting connection I have to switch default browser to Edge and after successful connection have to restore my defaul

Prompted to sign in to Global Protect every time Mac restarts or connects to different network.

Page to login global protect after connect not appear, and appear error AADSTS50105

By error when I tried to login to global protect, I put an email incorrect, and after when try again to login global protect not show login page, only show page error AADSTS50105.

I tried everything like reinstall, delete folder palo alto, delete fol

SSL Certificate update while GP migration

Hello,

I have scheduled all activities for my FW migration from ASA to PA, however I have a question about GP migration.

The PA FW has its GP deployed with Public IP x.x.x.6 and gp.domain.com, whereas the ASA has Anyconnect on Public IP x.x.x.5 with 

Add PreLogon to Existing Portal

Hi Everyone,

Our current setup is a GlobalProtect portal that utilizes SSO via the free Okta service.  This serves our customers as well as our internal staff.

I'd like to switch our internal staff laptops to the prelogon method, so they automati

GlobalProtect blocks my internet access

Hi all,

I've recently started to use a GlobalProtect vpn, but every time I successfully connect to it, it blocks my internet access. I reached out to our IT departement and a firewall engineer told me he can see that I am connected and that traffic i

IPv6 Traceroute not returning hops before the destination

I have two GlobalProtect installations each configured differently. I can ping and connect to IPv6 destinations just fine. If I run a traceroute to the IPv6 destinations using UDP or ICMP, I do not get the hops before the destination. For example:

Blank Login Page

Issue occurs both on Windows 10 & 11. Mostly see it on 10 though and when the user is off site. Rarely do we see the issue on site. User tries to connect to GlobalProtect, window pops up and it's blank - can't type in credentials.

GP version: 6.0.3

Is it possible to host a Global Protect Portal and Gateway on the same outside interface as IPSEC VPNS

I'm trying to set up a global protect gateway on an interface that already has a couple IPSEC VPN tunnels on it. But I am unable to browse to the page to download the client. After some checking I realized that I'm not even able to ping this interfac

Global Protect authentication happened twice while LDAP and Okta Auth

Recently we moved  to PA-3410 software version 11.0.1-h2 from PA-850  software version 10.2.3-h4 .

on both firewalls

We have selected option for authentication override 

On Portals
Generate cookie for authentication overri