Guidance for configuring Global Protect Portal in Azure.

Hi Team,

Any specific config for GP Portal on active/active firewalls? Also, as when using Azure load balancers, which port (s) are needed by GP Portal?. Ans also share the KB article if any.

Thanks & regards,

Prakash

CPanGPADlg::OnTimer - about refresh configruation

Anyone know what this log indicates in the GP client logs?  We are investigating reports of unexpected GP disconnects, and in many cases the disconnect seems to start with this sequence:

15:32:38:033 --Set state to Disconnecting...

. . . 

15:32:36:

Windows Update HIP Check

i saw another user is having pretty much the same problem as me, but her post was over a year ago. was hoping some other users might have had the same problem as me.

here's the original post:

https://live.paloaltonetworks.com/t5/globalprotect-discu

Global Protect - valid certificate client is required

Hi

all of a sudden at the beginning of this week, our Global protect clietns have been failing with "valid certificate client is required"

the environment is set for machine cert auth (windows adcs)

now, to get around this issue we have turned of

Ubuntu 22.04.1 LTS VPN not able to connect

I am trying to use Global Protect VPN on my Linux Machine (Ubuntu 22.04.1 LTS).

But whenever I try to connect I get the following error:

I am not able to understand what is the exact issue.

GP clien window size

I have a bit annoing behavior afte add hardware 2FA to GP. Client windows is not scalable and not possible is scroll text in window. In effect I'm not able to chose 2FA method  Only hardware key is working. Is possible to unlock sizing or scrolling

Global Protect VPN Client not authenticating to 2012 R2 Domain Controller

We recently installed a new Domain Controller and can't get the Global Protect VPN client LDAP authentication to work. We have tried everything we can think of and would like to know if anyone else has had this issue and could assist with a solution.

im trying to create a ticket, but i don't see anywhere to for creating a new Palo Alto tac case

This is what Im seeing.  Nothing about creating a new ticket.

R-enable Global Protect Automatically after machine boots up

hi , 

not sure if there is any way to make Global Protect(GP) get Re-enabled automatically when the machine boots up. In other words, if someone disabled, it would get Re-enabled by itself..

does that feature being added under GP 6.1 version ?

HIP Profile not working

Using Globaprotect to connect remotely. Enabled HIP profile for compliance check. Users get connected even if the endpoints are non-compliant.

I configured HIP profile to check whether remote machines has DLP agent installed. GP gets connected with no

User unable to connect to VPN portal address after USMT data transfer to new PC

We recently started using Smart Deploy to image computers, and capture/deploy user profile data. I am having an issue that is hit or miss with each user profile that is migrated to the newly imaged computer using Smart Deploy (utilizes USMT). Smart D

user getting prompt to change expiry password on global protect client

Hi Everyone,

I have disabled the option to allow user to change expiry password on authentication profile mapped with Global protect but Users are still getting the prompt on client to change the password. What could be the reason.

Thanks

Virender

Pre Login vs Always On

Hi, we are trying to decide between pre login VPN and always connected VPN...what do you guys use and why? FYI we use Okta for SAML/SSO and Azure AD for Identity.

From my understanding - pre login VPN doesn't support MFA or the ability to select WiFi