How to issue private IP addresses for clientless VPN users?

Hi All,

We have a small concern such that we need to issue private addresses for clientless VPN users. We configured the IP pool for the relevant user group but it seems like the user's source address is the remaining as a public IP. Let us know how

Multiple Portals on the same firewall for SAML testing

I would like to test and then gradually deploy Azure MFA SAML authentication. So as not to interfere with the current Portal and Gateway on this firewall I would like to set up a second portal on the same firewall. Can someone tell me if this is poss

Global protect authentication

Hi team,

In Global protect, is it mandatory for the user to authenticate in the portal and also in the gateway? I have tried to remove the authenticator in at least one of them so that it does not ask 2 times for user and pass without success.

Any idea

Global protect client updates unreachable in azure.

While setting up global protect from my azure palo alto appliance I noticed when I try to 'check for updates' I get this error "Failed to check upgrade info due to Unknown error. Please check network connectivity and try again." However I am able to

Global Protect - Flagging security issues with Insurance companies

I have several clients that are getting push back from their Cyber Security companies about the following issues (or non Issues). We have one company refusing to renew because of it and its coming up more often. I have a ticket open with support whic

Global Protect SSO Authentication Error after 30 Minutes

We are using the default browswer option for Onelogin authentication. So when we log into the computer the default browser launches which has the Onelogin screen. When we enter the username and password it logs the GP in and then all of the applicati

GP Certificate CN Mismatch issue when adding on more new Global Protect Gateway/Portal

I have two PA-820 operating in Active/Passive HA mode. The WAN set up is a dual ISP connection to a single ISP which are configured using BGP. I was adding a new Global Protect Gateway and portal that is segregated from the existing one to connect se

PAN-OS 9.1 GlobalProtect CEF Format

Hi,

I'm having issues finding the GP CEF format to send logs to SIEM.  It's not in the documentation. I belive the GP logs were being sent my SYSTEM prior to 9.1 and has changed to it's own log starting in 9.1

How to renew Global protect certificate

Our Palo alto will be depoloyed in cloud, We cannot login firewall without VPN, Now our Global certificate is expired so We cannot login palo alto so please suggest how to do

GW is receiving the routes from the satellites even though those routes were tagged "No Install" on the satellite firewalls

The intended routes, which are tagged "no Install" are not in the routing table of the satellite firewall.

 Locally the tag "no install" is working, but for GP satellite setup it is not working and the routes are propagated anyways, regardless of the

Global Protect VPN not work

We have 2 ISP on the PA220 device and both have configured for the global protect.
We are able to access our recourse form that other ISP but when we try with Airtel it's not working

global protect 4.1.11 allow users to change VPN password?

Hi guys,

I'm currently examining a PA 850 firewall which is providing VPN for remote users to connect.

the global protect client version is 4.1.11-9 and currently there's no user account integration with AD or RADIUS.

The demand is to allow user (accou

Problem with GlobalProtect after certificate renew

Hello there,

Yesterday our certificates used for GlobalProtect expired. I reneved them like last time and then - we lost possibility to connect to our institution from endpoints. Nothing more were changed.

Error seen on endpoint:

Now nobody can conn