Global Protect cert based authentication.

I've got a machine certificate for pre-logon, and that seems to work great, I can see that I am connected to my VPN from the login screen.  But what I have noticed is that when I log into Windows, my username ends up being 'first_name last_name', whi

GlobalProtect authentication behaviour when Encrypt/Decrypt cookie for authentication override expires

Hello.

I am looking for some enlightenment as to what happens or should happen when the certificate used to encrypt/decrypt the authentication cookie presented by the GP Portal expires.

My assumption based on real world experience shows users are

Global Protect default inbuilt free license VM-100

Dear Team,

I want to know default inbuilt  free license keys  available in VM-100

Can any once help on this.

GlobalPortect Pre-logon (Always On) with certificate authentication only

Hi There

Does anybody know, if it's possible to configure GlobalProtect to use a machine certificate for the pre-logon authentication and just a user certificate for the user authentication?

For me it looks like, that this won't work.

As soon as I am

Global Protect still prompting users to downgrade from 6.x to 5.x (macOS)

Hi. We've had multiple employees complain of being prompted to downgrade from one incremental version of 5 to another and I had assumed that the prompts would stop once everyone upgraded to version 6, but they are still getting the prompts. We are al

Do we need Admin right to downgrade Global Protect Client ?

Do we need Admin right to downgrade Global Protect Client manually ?

GP MFA Authentication Notifications Non-browser-based applications

Hi,

I try to configure a MFA notification, so the GP app will trigger a pop up message to authenticate with a radius server.

Here the config guide:

https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-user-authentica

Global Protect using Duo v2 Multi Factor Authentication profile

Hello,

I configured everything concering Global Protect and Duo MFA. But I get those errors:

This is for Captive Portal Authentication

This is for Global Protect Authentication:

I used for Portal and Gw of GP same CA self-signed cert (it is v

Incorrect Graphic used in Global Protect credential provider tile on Windows 10 - 6.2 Client

We are piloting pre-logon with our Prisma Access instance. Recently, we upgraded GlobalProtect from 5.2.x to 6.2.0-89 and noticed that the Global Protect credential provider tile is not the familiar globe, instead its the same graphic that is used fo

Unable to upgrade GP on macos

Trying to upgrade GP to 6.0.5 from 6.0.4-26. Running macOS 13.4.1 (c). I've read the release notes, tried changing some system settings, Googled, and I'm not having any luck. Any guidance would be appreciated. See attached screenshot.  TIA

Problem with Certificate install on Apple Silicon Laptops and the workaround I found.

Good Morning Folks,

I've run into an interesting issue. My ISP forced a change to the static IP for one of my sites with a PA-220 running 10.2.3-h2. This resulted in changes to both my public IP and my GP portal IP.  When I finished changing them,

Global Protect - Display Issue

Hi there,

I have a user who's getting this really weird display issue with Global Protect - screenshot attached.

Troubleshooting attempted:

- uninstall, re-install

- ran app in compatibility mode

- adjusted display settings Windows applies to app

A global protect connected client machine access a resource(behind Cisco router) that is connected to the host PA 800 Firewall via IPsec

Hello Everyone,

I have a Palo Alto 820 Firewall locally and it has been licensed and configured with global protect for the remote mobility of our users. And It also has a Site-to-Site IPsec connectivity to a remote location of a different organizatio