This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Global Protect Clientless displaying blank page

I have multiple servers behind a clientless Global Protect VPN Portal and they all work fine apart form the Demisto (Cortex XSOAR) HTTPS, which shows blank page when browsing to it.The Demisto server works fine when browsing to it directly and all other sites work ok over the Clientless portal . The GP Clientless content package is up to date a...

batd2 by L4 Transporter
  • 10898 Views
  • 5 replies
  • 0 Likes

GlobalProtect Welcome screen links - PanGPA.exe authentication

Hi, for long period of time we are using global protect welcome screen including url links to web applications. Those links are for easy access to internal web applications, lately there was a change on the global protect client behavior which cause two authentication windows pop up to show for the end user double authentication. One in windows ...

SShnap by L3 Networker
  • 7702 Views
  • 2 replies
  • 0 Likes

Global Protect client not isolated

If you are using Global Protect AND you have split-tunneling enabled. Your PC is accessible via the local LAN. So if your in an insecure location the other people on that LAN can hack at your computer. If you don't believe me try it out.

Certificate authentication on Linux

Hello, Our company requires client certifications in order to be able to connect. I've created a standard CSR using the openssl command and had it signed by our in-house CA. Then Imported into globalprotect. However the portal does not approve the certificate. I think I need some template info or something special in the certificate. Can an...

JBravoIS by L0 Member
  • 1599 Views
  • 0 replies
  • 0 Likes

GlobalProtect Login with okta

hello everyone Accounts were linked by creating Paloalto NGFW and Okta Saml2.0 Application.The GlobalProtect login method logs in with the Okta domain.This works really well.The login method is Always-on. What I am curious about is that a user attempts to log in to Global Protect and enters a password to access it.However, if the Client PC is re...

Resolved! Unable to select publish applications after PAN OS upgrade

Hi Everyone. I am having an issue in selecting the publish appliations in clientless vpn apps. Prior to the recent firewall upgrade , I was able to use published apps configured for Clientless VPN, and now it is not working. I get error message 404 page not found whenever I select a published application. Here is a summary of my issue. I can ...

GlobalProtect appliance PCI Compliance

Hi, We're trying to get our VPN appliance PCI compliant and not sure what is going on, as it's automatically failing. Minimum TLS is 1.2 and have disabled all the weak key exchanges. This was done prior to any PCI compliance requirement. When we run the SSL test on ssllabs.com, we're getting an A-. The PCI report contains the below: THRE...

Resolved! Global Protect Gateway unreachable

Good morning! First time posting here. We are seeing an issue with our GP users in that some cannot connect while other can with out issue. The error that we are seeing is that the agent is unable to establish a connection to the gateways. We several gateways that we use (only US based ones) that are pretty evenly distributed with users that are...

Resolved! Split Tunneling Included Sites next hop

I figured I would start here since this seems like an easy fix. We are working to include certains IPs/domains/apps etc in the tunnel. Currently the only traffic that is routed through the tunnel is internal networks, which operates fine, all other traffic goes out through their own gateway. When we try to include a domain like ipchicken.com, I ...

Global Protect in Microsoft Store Outdated

Hello All, I had a customer reach out to me about when the Microsoft Store would have a newer version of GP . Currently the version available is 5.2.8-5. Does anyone know when version 6 would be available? Thank you in advance. GlobalProtect Please note you are posting a public message where community members and experts can provide ass...

bdaniels by L0 Member
  • 2783 Views
  • 2 replies
  • 0 Likes

Server Certificate Error

I was able to connect a few weeks prior to this error by uninstalling and reinstalling the GlobalProtect client. However this is no longer working. I'm getting the Server Certificate Error popup: I checked Device/Certificate Management/Certificates and all my certificates have Status of valid. For VPN I have the setting for Username/Passw...

PaloAltoVPNError.png

unable to install code42 agent when GP is turned on

With GlobalProtect running but not connected the installs are working as expected. Once we are connected to the VPN, getting the following error: Request to activate com.code42.agent.extension failed. The operation couldn’t be completed. (OSSystemExtensionErrorDomain error 8.)

srini3 by L0 Member
  • 1560 Views
  • 0 replies
  • 0 Likes

SAML failed login attempt error mesage

We have SAML setup for GP where we check if user is member of the allow list in the auth profile. We have some illegal attempts which show up in system log with only 2 entries, 'saml-client-redirect' and 'auth-fail' with error message "failed authentication for user \'*******\'. Reason: User is not in allowlist. auth profile \'********\', vsys...

Anbjorn by L1 Bithead
  • 1576 Views
  • 0 replies
  • 0 Likes
  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks