GlobalProtect quarantine

I am in the process of setting up HIP objects and profiles with the end result being a quarantine for devices that do not match for AV software and definitions along with Windows patch levels. I want to be able to automatically quarantine a device to

GlobalProtect upgrade through GPO

Hi team,

Hope all is well. We have an issue with the GP client app upgrade through GPO when users are working remotely. Users who work in the corporate have no issue with the GP upgrade, however, it seems remote users do not have access to the shared

LSVPN with PA-450 Spokes 10.1 - active/active or active/passive?

Hello,

new to PAN .. at the moment we have to do a concept for failover in branch offices, in the LSVPN context.
We do have 2 LSVPN Hub Palo Alto FWs in Azure in active/active, where Azure Loadbalancer balances the traffic.

Now the question is for "stan

global protect split dns

my global protect client is 5.2.0-81,my firewall is pa-5020,software version is 8.1.23.

my global protect did the tunnel split,and dns split.  in globla protect portal, Agent->APP, i configure   Split-tunnel Option "Both network Traffic and DNS"，Resol

GlobalProtect appweb3 exhaust Mgmt CPU % due to large amount of users

GlobalProtect 

Hi Everyone, 

I experienced issue with GlobalProtect. At the start of the day, appweb3 will spike up abnormally to like 95%. 

From the traffic logs we noticed a lot different user trying to access GP. However the timing was exact the sa

GlobalProtect stops responding

After upgrading from 9.1.13-h to 9.1.14 issue was noticed  (not sure if it was present earlier) - in about a week/two GlobalProtect stops responding - even portal page is not opening from the browser, so also GP client connection fails. It is not get

GlobalProtect gateway not working as intended

Hello,

I am wondering if someone can help me out or point me in the right direction.

We have configured a Site-to-Site VPN connection between 2 firewalls and configured BGP on it. The first firewall has globalprotect gateway configured and is working

Remove a GlobalProtect gateway from a list of multiple gateways

We are transitioning our GP vpn from one Palo Alto firewall to another Palo Alto firewall.  And so during the transition each end-user has 2 gateways to choose from the old FW and the new FW.  Is there a way to globally remove a gateway from an end-u

Global Protect .exe files ?

Does anybody know if there is a location to download GlobalProtect .exe files for all versions ? 

Or... confirmation as to whether they exist ?

Groups added to VPN

Hello,

I have Global Protect setup and people are able to connect via a VPN connection with Split Tunnel turned on.
I have a request to setup another config for a certain group in AD that would give this group of users a different IP and  have Split Tu