If the IPv6 sinkholing feature is enabled for GP / Prisma Access, does split-tunneling IPv6 traffic work? We have some users that need to access some resources via IPv6 but would like to sinkhole all other IPv6 traffic.
Hello, I am setting up the Global Protect VPN on our PA-850 and unable to connect with MAC OSX clients. I am using Azure for 2-factor and the vpn is working fine with windows clients. On a MAC (13.1) I get the 2-factor sign-in but the Palo Alto embedded web page is not coming up after signing in and will not connect. The PA firmware is 10.1.6 ...
We recently switched from the built-in authentication window, to the default browser window for SSO sign-in with O365 SAML. This has worked fine for about 50% of people, however, the other 50% are not being signed in automatically. They have to press the Click Here link in their browser window. All of our browsers are managed by O365 and have th...
GP gateway and portal are configured properly and they are working as expected. We want to deliver the GP agent to all employees in a automatic way using our MDM tool which supports PowerShell and bash scripts. And also we using split tunnel for the configuration, so we need to have system extension enabled on all agents. If there is any way to...
Hello all, I was wondering if the value of my made plist can have wildcard.I have currently made one that checks the plist "com.apple.softwareupdate" to find the OS version, and wanted the key value to be, as an example "13.2*" or even "13*". I know there is an already made one that checks for OS version by paloalto, however I wanna input th...
We have several Palo alto firewalls in production now. We currently have client vpn going to Cisco ASAs. We are looking to move the VPN to the Palo Alto. I have been able to get a single vpn profile working. Before we can move to the Palo Alto, i need to figure out how to get the Global protect vpn working similar to the ASA anyconnect vpns. On ...
From what I can tell Global protect was deployed via Intune to laptops. I have tried to add a portal to the global protect portals/gateways and it doesnt propagate to the clients so I assume there is something that is preventing this and the Intune settings override it. How can I add another portal to the GP client for all my users and allow the...
The vpn gui is stuck saying connecting... and never loads the gateway page. After looking at the logs, it kept saying CPanMsgQueue::create - failed to create message queue. error = 13. I am running Ubuntu 22.04.1 LTS
Hi All, This issue started this weekend as soon as i changed the authentication method of GlobalProtect to SAML. MAC users are unable to connect to GP. When checked looks like many other users are also faced this issue but not seeing any fix for it. Please suggest. LIVEcommunity - globalprotect authentication issues using SAML on MacOS - LIVEcom...
Hi there, I’ve got a team member who loses VPN connectivity every 8-10 minutes at his home office. It disconnects and promptly reconnects. This is a recent phenomena, as it worked perfectly the two months prior to this. The VPN functions perfectly for everyone else, it functions perfectly when he’s in office, but as of this week he’s facing ...
Hello all, we need to allow to access different machines via MS RDP. I write here which accesses work/not work to get an idea of our problem: Location 1 -> S2S -> Location 2 -> RDP working Location 1 -> S2S -> Location 2 -> S2S -> Location 3 - RDP workingGlobalProtect -> Location 1 -> S2S -> Location 2 -> RDP w...
Hi All, I've got a Mac Ventura OS system using Global Protect client 6.1.0-58 and the the user is receiving a message that it could not connect to the Global Protect service. Logs report as per below. I've tried a number of things below. Any help is appreciated! Logs: P1839-T34567 02/22/2023 15:49:08:971 Error( 80): CPanSocket::Connect - Fai...
How would I go about creating a HIPS profile that would deny access to machines running windows 7 that need to connect to global protect?
Our users are having isues on Global protect 6.2 version which they said its working last week but now it can connect even though we rebooted the laptops and still the same. I open the Global protect app and check the logs and we are seeing that gpfltdrv is missing after installing global protect even though we just reinstall it. Same thing when...
Hi, We have a use case where we want to allow users from the same location using Global protect to be able to access two separate Global Protect Gateways and authenticate using SSO via Azure. The reason is that for the first gateway config we have assigned the split tunnel feature, we would like to have a set of users in the same location be...
BPry
on:
Rollout Strategy: GlobalProtect Disconnect Comments + 12-Hour Auto-Reconnect
