GlobalProtect Internal Gateway and On-Demand

I'm trying to set up an Internal Gateway for GlobalProtect, and am finding that GP does not connect to the Internal Gateway if the Connect Method is set to "On-demand".  It works just fine if I set it to "Always-on".  Is this the way it's supposed to

DNS and global protect

I have a situation where global protect clients are dished out a DHCP address from the firewall but need an on-prem PTR created when they connect. does anyone have a good way to do this ?  

Valid web cert being flagged as invalid

Hi, has anyone ever run into an issue with a website's cert being flagged as invalid in the browser when connected to VPN? The website's cert is valid and everything works normally when not connected to VPN. Any input would be appreciated. 

Thanks

Automatically resetting preferred Gateway to "Best Available"?

Is there a way to automatically reset a GP client's preferred Gateway setting from the Portal?

I have gone from having multiple one-to-one Portal-Gateway setups, to a many-to-many setup where the GP client picks the best available Gateway based on ad

"Windows 10 S" won't open SAML window

We have some users on "Windows 10 S" the computers are not joined to the domain and they will not open the SAML window , it sits at the verifying your sign-in info message. The version of GP is 5.2.8-5 and it can only be downloaded through the MS sto

Global Protect MAF with SafeNet radius server

I need to integrate my GP with an undefined MFA third-party vendor named "SafeNet". As the documentation shared from the vendor needs to integrate with it as a Radius server. And I did that and got OTP successfully.

But right now I need to add 2 fact

Global Protect VPN not showing in Win7

Hi,

Yesterday i clicked on Yes when Global Protect VPN showing update and after that i am unable to find it in system tray and also i am unable to launch it from anywhere like start menu, i even tried to launch it from C:\Program Files\Palo Alto Netwo

Global Protect 6.0 and 6.0.1 do not install the PANGP virtual adapter on Win 8

I still have a few users with windows 8/8.1 and I am seeing an issue with their machines after activating the latest GP revisions on my firewalls. After a fair amount of troubleshooting, I found that the PANGP adapter wasn't installed.  

Users report

Global Protect Internal Gateway/VPN

Can we have Global Protect Internal VPN working same as external, means on-demand and  when we connect to internal gateway we should get an IP assigned from firewall. In that case we can restrict that IP pool  in security policies to access critical

Global Protect Disconnections

Hi everyone, hope someone can help me out with this. I'm looking into an issue whereby a user suffers frequent drops when connected to Global Protect. Apparently he sits next to the router and Internet is good. Today he reports drops at the following

Where is 5.2.13 for Windows?

I am still looking/waiting on 5.2.13 to address the most recent security vulnerabilities.   A couple of weeks ago they updated the bulletin to indicate the issue was not present in 5.2.13, but there is no 5.2.13 that I can find on Palo's site or on t

GP uses Microsoft Account connected to Windows 11 User | Can't declare actual VPN User

I am trying to connect to an employer's network using an different account that's different from my Microsoft account connected to my Windows user. However, I am not able to declare my username when connecting, I just get an error screen telling me t

GP disconnects in a set up with two ISPs when the primary link is down and users try to connect using the secondary link

Good morning,

in production we have a pair of PA-440 in HA (10.1.5). The firewalls have been configured with double VR as described in this article:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFiCAK

The firewalls are conn