LSVPN with PA-450 Spokes 10.1 - active/active or active/passive?

Hello,

new to PAN .. at the moment we have to do a concept for failover in branch offices, in the LSVPN context.
We do have 2 LSVPN Hub Palo Alto FWs in Azure in active/active, where Azure Loadbalancer balances the traffic.

Now the question is for "stan

global protect split dns

my global protect client is 5.2.0-81,my firewall is pa-5020,software version is 8.1.23.

my global protect did the tunnel split,and dns split.  in globla protect portal, Agent->APP, i configure   Split-tunnel Option "Both network Traffic and DNS"，Resol

GlobalProtect appweb3 exhaust Mgmt CPU % due to large amount of users

GlobalProtect 

Hi Everyone, 

I experienced issue with GlobalProtect. At the start of the day, appweb3 will spike up abnormally to like 95%. 

From the traffic logs we noticed a lot different user trying to access GP. However the timing was exact the sa

GlobalProtect stops responding

After upgrading from 9.1.13-h to 9.1.14 issue was noticed  (not sure if it was present earlier) - in about a week/two GlobalProtect stops responding - even portal page is not opening from the browser, so also GP client connection fails. It is not get

GlobalProtect gateway not working as intended

Hello,

I am wondering if someone can help me out or point me in the right direction.

We have configured a Site-to-Site VPN connection between 2 firewalls and configured BGP on it. The first firewall has globalprotect gateway configured and is working

Remove a GlobalProtect gateway from a list of multiple gateways

We are transitioning our GP vpn from one Palo Alto firewall to another Palo Alto firewall.  And so during the transition each end-user has 2 gateways to choose from the old FW and the new FW.  Is there a way to globally remove a gateway from an end-u

Global Protect .exe files ?

Does anybody know if there is a location to download GlobalProtect .exe files for all versions ? 

Or... confirmation as to whether they exist ?

Groups added to VPN

Hello,

I have Global Protect setup and people are able to connect via a VPN connection with Split Tunnel turned on.
I have a request to setup another config for a certain group in AD that would give this group of users a different IP and  have Split Tu

Odd Internal Host Behavior

Community,

First off, I'm looking for ideas on what could possibly be causing a situation we are experiencing.  This is an issue with Always On Mode, using SAML authentication (built in browser, no default browser), in an Internal Host Detection stat

GlobalProtect Pre-Login SAML Webpage Not Loading

Hi everyone, I am hoping someone may have seen this before and may have some guidance.  I have a fully functioning GlobalProtect OnDemand system with LDAP + SAML setup and working well outside of the pre-login.  Once logged in, everything works as ex

GlobalProtect Connection Failed: Matching Client

Hello everyone.
I'm using my company's VPN. However I encountered the "Connection Failed: Matching Client" error. Can anyone tell me how to fix this problem? Your help will be highly appreciated!

System: Ubuntu 20.04

Launching method: Terminal -> `$ /u