This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Resolved! NGFW Global Protect 6.2.7 Global Counters Negotiation Error TLS 1.3 MAC-OS

Hello Livecommunity!I'm facing an error with the Global Protect Agent 6.2.7 when an Apple Mac OS X 15.3.1 Sequoia tries to establish an SSL VPN connection with the Global Protect Portal; We see the next error on the DP CLI pcap global counters:NGFW(active)> show counter global filter packet-filter yes delta yesssl_tls13_connection_error ...

DanielSRomero_0-1741003799243.png
DanielSRomero_3-1741004715515.png
DanielSRomero_1-1741003799236.png

Resolved! GP client update fails to download, DNS record needed

We're updating from 5.2.12 to 6.2.1. The transparent update only works when testing with a DNS entry in a local hosts file. I don't think we've had a DNS entry in the past for the portal, but it seems like it's needed now. The below article talks about this, but I want to understand which address needs to be resolved. Is it the loopback interf...

Resolved! Panorama managed - Global protect SAML cert renew - IDP xml import wrong expiry

Background : Panorama version 10.2.13-h5 PA460's : 10.2.13-h5 2x PA460 active/passive HA. Managed by Panorama (9 other firewalls as well, but they don't provide GP portal / config. - SAML cert expires Jan 10th 2026. - Followed MS instruction on creating a new cert within MS admin/entra/azure/whatever they call it today. - Firewalls did not li...

GlobalProtect VPN Client windows 11 crash

Hi, I am using GlobalProtect GlobalProtect App version 6.2.8-263. It is the latest version i could download from network. When i am using connectioni got bluescreen crash whch i can reasume to: Bugcheck code: 0x1E This is MODE_EXCEPTION_NOT_HANDLED, which means that a kernel-mode component threw an exception that was not handled. Excep...

PiotrH by L0 Member
  • 2414 Views
  • 1 replies
  • 0 Likes

Unable to connect VPN

Hi , I am using GP 6.2.8-183 and use radius server to get authentication. However, I signout from the GP and when i tried to connect VPN , it prompts invalid user name or password. It was working before i signedout from the existing VPN connection. Same was noticed a new user created last Friday. It there a way that that can be resolved?

Using Keycloak as idP

Has anyone succeeded in using Keycloak as idP with Globalprotect? We're having issues with the windows clients receiving "You are already logged in" while trying to log in, which also make the gp app hang. The GP app for macOS never experience this. We've also experienced with openconnect on Ubuntu (since Palo's own ubuntu GP app does not work a...

Anbjorn by L1 Bithead
  • 5109 Views
  • 3 replies
  • 0 Likes

Resolved! Use Auto-Tagging to block failed Global Protect login attempts

hi, we use SAML for our Global Protect Portal and Gateway Authentication, so all logins are automatically forwarded to our IdP and are being processed there. But for whatever reason we sometimes face Brute Force attacks on our portal, where all kinds of generic users are being tried to authenticate against the Portal: for my understanding this ...

1.png
Fluck by L1 Bithead
  • 21668 Views
  • 13 replies
  • 1 Likes

Working overseas - Unable to connect PaloAlto global protection VPN

I'm working overseas. If I use Wi-Fi, I have trouble connecting to the PaloAlto global protection VPN, but if I use a hotspot(my roaming cellphone - Mint mobile), I am able to connect to it.When I use Wi-Fi, the internet works, but I can’t access to my company shared folder because the VPN is not connected.I’ve tried several different Wi-Fi netw...

Kayyyy by L0 Member
  • 1440 Views
  • 1 replies
  • 0 Likes

Adding PA DR site globalprotect SSL-VPN gateway

Hello Team, Currently we are duscussing adding a DR site for our network. currently in the main datacenter we have globalprotect SSL-VPN configured. and now we are about to add a new PA-1410 in the DR site, and also configuring the Gateway for our employees. now we will have 2 portal IPs, the main and the DR one. Is there a way to ...

Unable to reach Palo Alto - Global Protect Portal.

Hey everyone,I’m currently deploying a GlobalProtect VPN on a Palo Alto VM-Series firewall running PAN-OS 10.2.16-h4 in AWS.Everything seems correctly configured according to the official GlobalProtect Admin Guide (portal, gateway, SSL/TLS certs, interfaces, routes, and security policies), but the portal is still unreachable via browser or Test-...

asamboni by L0 Member
  • 2088 Views
  • 1 replies
  • 0 Likes

GlobalProtect 6.x crashes

Hello I have a problem with GlobalProtect on two laptops, GP crashes. They are brand new laptops (Win 11 Pro 24H2). I've already reset them completely. Here is the Windows Event Viewer: Faulting application name: PanGPA.exe, version: 6.2.6.838, time stamp: 0x6732981c Faulting module name: PanGPA.exe, version: 6.2.6.838, time stamp: 0x6732981...

philippeS_0-1739269530202.png

One portal, multiple gateways for different users

Posted a diagram of what I am trying to accomplish but seem to get road blocks so maybe there is something I am missing. Company A will use an always on config with cert. So I assume the cert will take priority over the saml auth? Company B will be using manual/on-demand with no cert. Each company should be able to use the SAME external URL (vpn...

image.png

Resolved! Gloabl Protect -Gateway selection

Hello, As per the PA document - GlobalProtect uses a network discovery method to select the best available gateway from the available multiple gateway options. GlobalProtect attempts to communicate with all the gateways and uses criteria such as gateway priority, load, and response time from the gateway to determine the best available gatew...

VivekMs by L1 Bithead
  • 1646 Views
  • 1 replies
  • 0 Likes

Global Protect being interrupted by Copilot?

I have a handful of users having problems signing in to our GlobalProtect. The common thread is the embedded browser being redirected to this page. We even force installed the latest preferred 6.2 client with the use default browser option(in that case Firefox) and it still got this redirect. These people were working last week. To add we us...

stricklands1_0-1761854603690.png
  • 2079 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks