This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

policy to only allow specific Host-ID auth thru GlobalProtect.

i'm seeing bad guys trying to bruteforce my GlobalProtect VPN and I want to stop that. I want to achieve only specific laptop Host-ID can go thru GlobalProtect authentication and bad guys when they trying to auth with wrong account/pwd should not able to or GlobalProtect shall not prompt 'wrong account/password'. Can I do this via policy?

logmpang by L0 Member
  • 1521 Views
  • 1 replies
  • 0 Likes

Endpoint Traffic Enforcement for VM

Hi everyone. There is "Endpoint Traffic Enforcement" feature which does not allow connection outside the Globalprotect connection, but it does not work with virtual machines on host. So, if you have a VM on host with Globalprotect and configure network adapter in bridge mode, it's traffic bypasses Globalprotect tunnel and goes directly through...

GlobalProtect app iOS issue

We are currently using PA-410 equipment and the GP gateway license is also registered.After setting the GP, it is used normally on Android and Windowsbut even if the certificate is registered on the iOS device, it is possible to connect from the GP appbut the actual communication does not work, and it says that the external gateway cannot be fou...

Does GP support per app VPN?

Hi all, Searched the community but unable to find any answer so post here. I would like to implement per app VPN for mobile users (iOS and Android). So if a user starts an app (e.g Confluence), GP will automatically establish VPN. There are some documents but they all only mentioned Android and they appeared to be out dated too. This bel...

LSVPN Portal Redundancy

I successfully setup LSVPN with a single portal , 2 gateways and some satellites. I realized that if my portal goes down for any reason, then the gateways are useless since the satellite needs the portal to get to the gateways. Any ideas on how best to setup a 2nd portal? Currently, my portal is on one of the gateways. I was thinking i can...

eridavis by L1 Bithead
  • 4687 Views
  • 3 replies
  • 0 Likes

GlobalProtect authentication with NPS Plugin to Azure MFA problems

Hi, We have configured GlobalProtect to use NPS Plugin to Azure MFA as primary authentication. The thing is that it only works every other time, when it doesn't work it says "Radius Timeout". Any ideas of what could be the problem? We have tried with both OTP and Push notifications in the Microsoft authenticator app but it's the same problems.

Globalprotect iOS connect and internet issue

Hello, sir Globalprotect is set up and in use, but there is a problem in iOS In Android, it is normally connected and the Internet is connected through the GP, but in iOS, it is connected, but the Internet is not available, and the log value is as follows 11/28/2022 14:11:59:145 [Info ]: GlobalProtect service started (client version: 6.0.4-8, ...

Internal/External Gateway User-id

Dear Guys, I try to configure my global protect portal to connect my clients through external or internal networks. I configure my agent with internal detection and external parameters. When i connect in the internal networks, the FW see me in the internal network but in the monitor tab i don't see the user-id with my private ip address. When i ...

SECRES by L0 Member
  • 4690 Views
  • 3 replies
  • 0 Likes

Can PAN gateway client config use both IP based split tunneling *and* use domain name exceptions?

When I first set up the client-config a couple of years ago I tried out the name based split tunneling and it didn't seem to work. As I was under the gun I implemented IP based split tunneling but never ran the name based split tunneling issue to ground. If I already have IP based split tunneling, should I be able to add a DNS exclude to not be ...

Resolved! PA-300 induced high latency for GP clients with just 200Mbps troubput

Our users on Global Protect clients downloading a somewhat large file all at the same time. The aggregate amount download was 200GB over a couple of hours. The server they were downloading from was outside of our data center and the files were going through Global Protect because the destination server was part of the split tunnel. During this p...

  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks