GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Resolved! Palo Alto Global Protect Enterprise App in Azure

We are using SAML authentication via The Global Protect Enterprise application in Azure. E everything is functioning as expected except for the logging is incorrect. The user login logs show the OS as Windows 8 when a Windows 10 user logs in. If you go to the details. in the log entry, The =User agent details show the correct PAN GP version and ...

Carleton_1-1674582931643.png
Carleton_0-1674582811034.png
Carleton by L3 Networker
  • 3556 Views
  • 3 replies
  • 0 Likes

SAML Authentication for GP Portal and GP GW

Hi All, We are planning to enable SAML(OKTA) authentication for GP Portal and GP GW in our environment. Below are my queries. How to use the Hostnames instead of IP address to connect from the GlobalProtect. Where is the settings to configure a domain instead of IP address. In Cisco Anyconnect we call it as Alias. Not sure what we call in Global...

Resolved! Azure SAML double windows to select account

Hello everyone, We have configured a new set-up for GlobalProtect which use Auzre SAML authentication and Microsoft AuthenticatorIt's all working fine with the exception of this weird behavior: - User connect to the portal with SAML authentication - A window open for the user to select an AD account to use - User select account - New window ...

SAML SAML.PNG
Portal SAML.PNG
Gateway SAML.PNG

EXCHANGE KEY ECDHE insufficient size Global Protect

Hello team, I have an issue with the exchage key ECDHE size with Global protect. Our Qualys scans show that we accept keys of insufficient size in ECDHE.The problem is that on our equipment, we obviously cannot set the size of the keys. When I checked this KB https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqSHCA0&am...

Mamoudou by L2 Linker
  • 2093 Views
  • 2 replies
  • 0 Likes

Resolved! Palo Alto panos-global-protect include port 4443

I have configure a security policy for global protect access. the security policy I added below app-id panos-global-protect panos-web-interface SSL From my traffic log I can see my firewall is allow port 4443 traffic for this security rules. From Application Research Center I search this few port is only allow port 80 and port 443. Why my ...

JiaXiang by L4 Transporter
  • 3877 Views
  • 1 replies
  • 0 Likes

GP VPN unable to connect on linux

Hi team, I am using GP (build # PanGPLinux-5.2.6-c18 ) on Ubuntu 22.04 LTS. I am unable to connect to VPN and get the following error: Gateway XXXXXXXXXXXX: Could not connect to gateway. The device or feature requires a GlobalProtect subscription license. If the issue persists, contact your administrator. The same credentials work if I t...

Split Tunnel by Domain Name is not working

I've read a few posts on Split Tunnel by Domain Name. But so far I am only able to get specific routes to work and not split tunneling by domain name. My test is ipchicken.comas traffic to it will reveal either my home IP as the source or the corporate public subnet. I added to INCLDE *.ipchicken.com without specifying ports. After establishingt...

palomed by L3 Networker
  • 8377 Views
  • 3 replies
  • 0 Likes

GlobalProtect Prompting Network Filter on macOS

We're running macOS Ventura clients and deploying GlobalProtect 5.2.12-26 We’ve been deploying GlobalProtect for the last year without profiles, No issues. We made a recent change to do HIP checks on endpoints, like verify Jamf is running before you can connect to VPN. We then added an exclusion for a domain and list of IPs to not go through t...

01.png
02.png
03-transparent proxy.png

global protect SAML auth

as per provide KB document we have configure SAML Auth profile but still we are facing issue. ->new user connect via saml but after disconnecting they are not asking any otp, user automatically connect to global protect(remote user are login in cache profile).

GlobalProtect Upgrade Settings

Hello Team! My organization runs several different windows systems, e.g. 7/8/10/11. Some versions of GP do not work on older type 8 systems, the upgrade passes correctly but GP stops working on that system and unsupported versions.https://docs.paloaltonetworks.com/compatibility-matrix/globalprotect/where-can-i-install-the-globalprotect-appIs t...

Pre-tunnel latency vs Post-tunnel latency GP Logs

Hello,I am looking to understand a new feature of Prisma Access and the GlobalProtect client, which is the reporting of latency. I have read a few articles provide what the feature Is, but I would like to know the difference between pre-tunnel latency and post-tunnel latency. For instance, I see the following in the logs:Pre-tunnel latency: 74ms...

Connect before logon status disconnected

We have setup Connect before logon and was successful creating the VPN connection vioa the network sign-in option and logged into the device the first time, however as soon as they reboot the device the globalprotect staus changes to 'disconnected' and the user cannot re-open the connection and continue to login to the device. Any ideas?

Bishopg1 by L0 Member
  • 2228 Views
  • 1 replies
  • 0 Likes

Resolved! Difference Between GlobalProtect Portal and GlobalProtect Gateway

Read few of the docs but never understood the difference between the GP Portal and GP GW. Is there any way we can compare this with other vendor products and co-relate it? For example Cisco Anyconnect, Checkpoint Endpoint Security. I wanted to know the actual difference and why few customers configure both Portal and Gateway. Is it really necess...

  • 1675 Posts
  • 68 Subscriptions
Top Solution Authors
Labels