This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

Global Protect w Azure SAML/MFA won't trigger logon dialog box

On my Cisco ASA I have SAML configured and when I logon I get prompted with a browser dialog box for user name and password which then triggers an MFA token to my smart phone. But for Global Protect the client is going straight to Authentication Failed without prompting me for user name and password - neither within the Global Protect client nor...

palomed_0-1649870982193.png
palomed by L3 Networker
  • 6072 Views
  • 0 replies
  • 0 Likes

Global Protect Logs Cookie Expired Before Expected

I am trying to understand how I could have two Global Protect cookie expiries within a half hour of successful certificate authentication. 7:04 Certificate Auth Successful and IP assigned4/12/2022 7:04 portal-auth login Certificate LAPTOP-ADHDS8HOL US ACME-99918411157 55.55.58.239 0.0.0.0 0.0.0.04/12/2022 7:04 gateway-getconfig configuration SS...

palomed by L3 Networker
  • 2635 Views
  • 0 replies
  • 0 Likes

Problems with Android through SAML in global protect

Hello,When trying to log in through SAML in global protect, the password typing is very slow, taking about a minute to be able to type it. Affected devices:- Samsung SM-T585/ Android 8.1.0- Samsung SM-T595/ Android 10Global protect version:Global protect version 5.2.11 (1521109)Any idea? Can anybody helps me?

Alpalo by L4 Transporter
  • 1900 Views
  • 0 replies
  • 0 Likes

GP - Split tunnel is working like full tunnel

Hello All! I configured the GP to be a split tunnel. When I connect, I can access internal resources, but no Internet access. Normally, a default GW gets assigned of 0.0.0.0 on the PAN adapter I thought. There's no GW. External traffic is trying to route via the Internal's ISP and not it's own.

DJ_Palo by L1 Bithead
  • 2783 Views
  • 2 replies
  • 0 Likes

Global Protect on MAC stuck at Portal Prelogin

Hi !I am trying to connect to GlobalProtect via Mac - on Windows (same user) everything works fine. Pressing the Connect button on Mac shows the Azure Login + 2MFA appears as expected but as soon as I enter the Codea blank screen appears and Logs are showing the following:"gp_version":"5.2.9-35","error_stage":"Portal pre-login","error":"Could no...

schimeha by L0 Member
  • 5721 Views
  • 3 replies
  • 1 Likes

How is it determined if a patch is "missing" or not?

Hypothetical scenario: All Windows 10 clients connecting to Globalprotect. All are managed by System Center Config Manager.I have a HIP Object that matches if there are any patches missing with a severity of 1 or greater.I have a HIP profile with this object in it that denies access to a subnet if there is a match.It is 2 days after Patch Tues...

Failures to connect with GlobalProtect 5.2.10 on Android 12 devices

We are able to connect from Android 11 devices with GP 5.2.5 but not from Android 12 devices using 5.2.10; the latter seems to fail when trying to allocation the virtual NIC for the VPN connection. We have a ticket open with PA but no resolve so far. Anyone have any ideas?27225)02/16 09:41:17:653488 - =JNI= ANDROID_ACTION_SET_VNIC_CONFIG, ret=f...

user in S Africa - cannot reliably connect or even see corp UK gateway

1. user is on a Mac running GP 5.2.10-62. user is running macOS Big Sur v11.6.33. all her gateways worked correctly before she left London for S Africa4. her home internet, as far as one can tell, seems to work correctly5. if she tries her other gateways, they work, but are slow why doesnt GP reliably show gateways, put another way, upon what do...

What to look for in GP logs: certificate auth

I am having some users who experience Connection Failed for the certificate auth Global Protect session.What are the top 4 or 5 things I should look for in Global Protect debug logs to pin down what's behind this message? On the back PAN side I am observing these steps in Monitor/Global Protect Logging for a good login: Portal Pre-LoginPortal A...

palomed_0-1649370767301.png
palomed by L3 Networker
  • 2079 Views
  • 0 replies
  • 0 Likes

GlobalProtect 6.0.0 testing and issues

Hi all, I have just installed 6.0.0 to test. Has anyone else had chance to test 6.0.0? I previously had 5.2.11 installed without any issues, and the GW is on 10.1.2 The issues that I am seeing with 6.0.0 are-Slower authentication with SSO via SAML-an extra 5-10 seconds over 5.2.11Win10 PIN code logon defaulting back to password on every startup/...

GP 5.2.5 disconnects in connected standby

We recently upgraded our clients to 5.2.5 and since then we have had numerous reports (and I have experienced it myself) of disconnects occurring as soon as the comouter goes into modern standby/connected standby. We have the computers setup to Never drop internet (windows 10 setting) when the computer enters sleep. Yet we see this occurring of...

How to issue private IP addresses for clientless VPN users?

Hi All, We have a small concern such that we need to issue private addresses for clientless VPN users. We configured the IP pool for the relevant user group but it seems like the user's source address is the remaining as a public IP. Let us know how to issue a private IP address for the clientless users or let us know how to NAT those users for ...

Udana by L1 Bithead
  • 1648 Views
  • 0 replies
  • 0 Likes

Multiple Portals on the same firewall for SAML testing

I would like to test and then gradually deploy Azure MFA SAML authentication. So as not to interfere with the current Portal and Gateway on this firewall I would like to set up a second portal on the same firewall. Can someone tell me if this is possible and what I would need: i.e Do I need another interface with its own public IP or can I use t...

  • 2069 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks