This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Always On VPN with Prelogon then Switch to SSO? DUO and ADFS involved.

Greetings all. I'm having a time trying to configure this and could use some pointers where I may be going wrong. Here is the environment: Single portal already configured using ADFS (ADFS is also already set up with DUO MFA) with agent configurations based on AD security groups Multiple gateways already configured based on AD security gro...

jsalmans by L4 Transporter
  • 1560 Views
  • 0 replies
  • 0 Likes

Resolved! Use Rest API (10.1) to terminate user from VPN

Does Rest API (10.1) support terminating a user from the VPN? I know this can be done in XML API but I am not seeing the commands I am looking for available in /restapi-doc. Ideally, I could connect to Panorama and terminate both Prisma SASE mobile users and users connected to local firewalls using Rest API. Thanks, John

John_J by L1 Bithead
  • 2016 Views
  • 1 replies
  • 0 Likes

Resolved! Login Windows non stop popup when VPN is not connected.

Hi, Currently have GlobalProtect 6.1.1-6 installed by my IT department on my work laptop. When I'm at work, I obviously don't need to be connected to the VPN. The problem I have is that I get a Login window popup every 20-30min or so. The window is intrusive and jump at the front screen. Is there a way to stop this on my end ? What should ...

GlobalSS.png

Global Protect Issue

Hello All, Hope you all are doing well. We are using global protect 5.2.14. Most of the users are connecting successfully but some of the users are facing frequently no internet connection or gateway is unreachable even i tested those users in other pc and their vpn are working fine. Please help me to resolve this issue. Thank You

Wahmed4 by L0 Member
  • 2018 Views
  • 2 replies
  • 0 Likes

How to configure VPN and Certificates to cut VPN access when the Certificate is revoked.

Hello team, I need to know How to configure VPN and Certificates to cut VPN access when the Certificate is revoked. I have revoked a certificate I am using on my GlobalProtect connection and the connections are working fine, I need to cut this connection when the certificate is revoked, can anyone help me? Regards

Alpalo by L4 Transporter
  • 1270 Views
  • 1 replies
  • 0 Likes

Global Protect cert based authentication.

I've got a machine certificate for pre-logon, and that seems to work great, I can see that I am connected to my VPN from the login screen. But what I have noticed is that when I log into Windows, my username ends up being 'first_name last_name', which is not our actual user naming scheme. I couldn't figure out where it was pulling that from, b...

buck1 by L1 Bithead
  • 1326 Views
  • 1 replies
  • 0 Likes

GlobalProtect authentication behaviour when Encrypt/Decrypt cookie for authentication override expires

Hello. I am looking for some enlightenment as to what happens or should happen when the certificate used to encrypt/decrypt the authentication cookie presented by the GP Portal expires. My assumption based on real world experience shows users are still presented with the cookie using the expired cert regardless. It would be interesting to ...

GlobalPortect Pre-logon (Always On) with certificate authentication only

Hi There Does anybody know, if it's possible to configure GlobalProtect to use a machine certificate for the pre-logon authentication and just a user certificate for the user authentication? For me it looks like, that this won't work. As soon as I am adding a authentication profile like LDAPS to the portal and gateway, the GP agent is able to au...

Global Protect still prompting users to downgrade from 6.x to 5.x (macOS)

Hi. We've had multiple employees complain of being prompted to downgrade from one incremental version of 5 to another and I had assumed that the prompts would stop once everyone upgraded to version 6, but they are still getting the prompts. We are all Mac users. I saw a post from 2018 about navigating through the portal and disabling that option...

Resolved! Global Protect Drops Connection Easily

I observe that Global Protect drops connections while other apps are not. What thresholds need to be exceeded for Global Protect to give up and drop? I would like to consider how to improve network or end point factors to limit the frequency of Global Protect failiures.

Resolved! Traversing Site-To-Site Tunnel via GlobalProtect

Hi everyone, See if you can give me some insight here as I've exhausted all my options. Scenario I have a client who has two branch offices, each one with a PA-440 installed. Both these PAs are linked together via IPSec tunnel. I can confirm that between both these LAN subnets, there is harmonious communication. At the same time, I have crea...

  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks