Azure SAML Authentication with multiple PAs

Hey,

We have a GP configuration with 8 GP Gateways and 2 of them are acting as a GP Portal for backup.

We are using SAML authentication with Azure and wanted to know how to you deploy GP with SAML authentication in large scale.

Currently I have configu

Split Tunnel Domain & Application Cisco Umbrella Issue

We have one GlobalProtect Portal and 3 Gateways. This one Gateway is version 9.0.9-h1, and the GlobalProtect client version is 5.2.3-22. For testing, on this one Gateway, I enabled Split tunnel Domain and Application for *.webex.com and *.zoom.us.

I'

GP with split tunnel and one single Domain added with a specific Port not working

In GP the configuration was to have split tunnel with RFC 1918 Subnets only, there is one *.something.com ( Internet service ) added in the include domain and with a specific port 1443. But there are other traffic also started coming through tunnel w

GlobalProtect machine cert pre-login OR SAML

My customer switched from a cloud URL filter to PAN-OS on-prem. For remote users to be filtered, they must be connected to the network in this case via GP. To force those endpoints to always be protected, the VPN must be always-on and ideally users p

GP could limit AD account on computer

Group Policy not applying to laptop connected to VPN

I haven't been able to get Start Layout GPO to work for laptops that connect over VPN. I followed the Use Connect Before Logon guide to get my laptop connected to our domain before signing into a user account but for whatever reason the Group Policy

GP client didn't auto-connect after pass SAML with Default Browser

Hi all  

as subject showing. that the global protect didn't auto connect it-self .  we must click "click here", then,  it will show connecting.   pls check the screenshot from Edge. tested the same error from chrome. and IE.  

GlobalProtect MFA with Kerberos and RSA

Hello everyone, Palo Alto noobie here 

I am trying to configure GlobalProtect VPN with MFA authentication using Kerberos authentication protocol against AD and RSA hard tokens.
I have configured the GlobalProtect portal and gateway using different loo

Global Protect - frequent drops with SQL Server Management Studio....not with Windows VPN

Getting users complaining about frequent disconnects when the use SQL Server Management Studio over Global Protect....but when they are connected with the old school Windows PPTP VPN, it never drops. Not only that, they say it is faster.

My GP policy

Assigning the same IP to a GP client based on it's MAC address

I'm trying to connect a client computer to my corporate network via global protect, and once I'm connected, I need to print to that computer through the Linux service called CUPS. In order to print to this computer, I need to know what it's IP addres

Global Protect got intermittent connection after upgrade to PanOs 10.1.3.

Hi Support, Global Protect got intermittent connection after upgrade to PanOs 10.1.3. Any bugs on PanOs 10.1.3 for global protect? We try downgrade the PanOs version and seems like it resolved the issue. #globalprotect

GP with SAML to Azure not prompting MFA on phone

Hello Everyone,

GP is fully configured but there is an issue with SAML authentication to Azure. The authentication part is fine but I am not getting prompted on my phone for MFA. In fact my Azure credentials need to be entered twice before the client

GP client keeps prompting for credentials even with save user cred selected in portal config.

Hello,

So as the title says, but the catch is this is not consistent - one user we tested with GP client 5.2.7 and .10 and .4 and he logs in without the credentials prompt.

But for others with 5.2.4 it keeps prompting for login after every time it di