What to look for in GP logs: certificate auth

I am having some users who experience Connection Failed for the certificate auth Global Protect session.

What are the top 4 or 5 things I should look for in Global Protect debug logs to pin down what's 

behind this message?

On the back PAN side I am o

GlobalProtect 6.0.0 testing and issues

Hi all,

I have just installed 6.0.0 to test. Has anyone else had chance to test 6.0.0?

I previously had 5.2.11 installed without any issues, and the GW is on 10.1.2

The issues that I am seeing with 6.0.0 are-

• Slower authentication with SSO via SAML-an

GP 5.2.5 disconnects in connected standby

We recently upgraded our clients to 5.2.5 and since then we have had numerous reports (and I have experienced it myself) of disconnects occurring as soon as the comouter goes into modern standby/connected standby.

We have the computers setup to Never

HI All, can you support any one of the below issue ...1. after enter user credential and VPN error is showing like connection not established

can you support any one of the below issue ...

1. after enter user credential and VPN error is showing like connection not established and contact 

How to issue private IP addresses for clientless VPN users?

Hi All,

We have a small concern such that we need to issue private addresses for clientless VPN users. We configured the IP pool for the relevant user group but it seems like the user's source address is the remaining as a public IP. Let us know how

Multiple Portals on the same firewall for SAML testing

I would like to test and then gradually deploy Azure MFA SAML authentication. So as not to interfere with the current Portal and Gateway on this firewall I would like to set up a second portal on the same firewall. Can someone tell me if this is poss

Global protect authentication

Hi team,

In Global protect, is it mandatory for the user to authenticate in the portal and also in the gateway? I have tried to remove the authenticator in at least one of them so that it does not ask 2 times for user and pass without success.

Any idea

Global protect client updates unreachable in azure.

While setting up global protect from my azure palo alto appliance I noticed when I try to 'check for updates' I get this error "Failed to check upgrade info due to Unknown error. Please check network connectivity and try again." However I am able to

Global Protect - Flagging security issues with Insurance companies

I have several clients that are getting push back from their Cyber Security companies about the following issues (or non Issues). We have one company refusing to renew because of it and its coming up more often. I have a ticket open with support whic

Global Protect SSO Authentication Error after 30 Minutes

We are using the default browswer option for Onelogin authentication. So when we log into the computer the default browser launches which has the Onelogin screen. When we enter the username and password it logs the GP in and then all of the applicati

Internal host detection not working

Anyone have anything to look at for getting Internal Host Detection to work? I have been tearing my hair out for several days tying to figure out why the GP client will occasionally detect internal, but mostly defaults back to requiring a VPN login.

GP Certificate CN Mismatch issue when adding on more new Global Protect Gateway/Portal

I have two PA-820 operating in Active/Passive HA mode. The WAN set up is a dual ISP connection to a single ISP which are configured using BGP. I was adding a new Global Protect Gateway and portal that is segregated from the existing one to connect se

PAN-OS 9.1 GlobalProtect CEF Format

Hi,

I'm having issues finding the GP CEF format to send logs to SIEM.  It's not in the documentation. I belive the GP logs were being sent my SYSTEM prior to 9.1 and has changed to it's own log starting in 9.1

How to renew Global protect certificate

Our Palo alto will be depoloyed in cloud, We cannot login firewall without VPN, Now our Global certificate is expired so We cannot login palo alto so please suggest how to do