This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

How is it determined if a patch is "missing" or not?

Hypothetical scenario: All Windows 10 clients connecting to Globalprotect. All are managed by System Center Config Manager.I have a HIP Object that matches if there are any patches missing with a severity of 1 or greater.I have a HIP profile with this object in it that denies access to a subnet if there is a match.It is 2 days after Patch Tues...

Failures to connect with GlobalProtect 5.2.10 on Android 12 devices

We are able to connect from Android 11 devices with GP 5.2.5 but not from Android 12 devices using 5.2.10; the latter seems to fail when trying to allocation the virtual NIC for the VPN connection. We have a ticket open with PA but no resolve so far. Anyone have any ideas?27225)02/16 09:41:17:653488 - =JNI= ANDROID_ACTION_SET_VNIC_CONFIG, ret=f...

user in S Africa - cannot reliably connect or even see corp UK gateway

1. user is on a Mac running GP 5.2.10-62. user is running macOS Big Sur v11.6.33. all her gateways worked correctly before she left London for S Africa4. her home internet, as far as one can tell, seems to work correctly5. if she tries her other gateways, they work, but are slow why doesnt GP reliably show gateways, put another way, upon what do...

What to look for in GP logs: certificate auth

I am having some users who experience Connection Failed for the certificate auth Global Protect session.What are the top 4 or 5 things I should look for in Global Protect debug logs to pin down what's behind this message? On the back PAN side I am observing these steps in Monitor/Global Protect Logging for a good login: Portal Pre-LoginPortal A...

palomed_0-1649370767301.png
palomed by L3 Networker
  • 2029 Views
  • 0 replies
  • 0 Likes

GlobalProtect 6.0.0 testing and issues

Hi all, I have just installed 6.0.0 to test. Has anyone else had chance to test 6.0.0? I previously had 5.2.11 installed without any issues, and the GW is on 10.1.2 The issues that I am seeing with 6.0.0 are-Slower authentication with SSO via SAML-an extra 5-10 seconds over 5.2.11Win10 PIN code logon defaulting back to password on every startup/...

GP 5.2.5 disconnects in connected standby

We recently upgraded our clients to 5.2.5 and since then we have had numerous reports (and I have experienced it myself) of disconnects occurring as soon as the comouter goes into modern standby/connected standby. We have the computers setup to Never drop internet (windows 10 setting) when the computer enters sleep. Yet we see this occurring of...

How to issue private IP addresses for clientless VPN users?

Hi All, We have a small concern such that we need to issue private addresses for clientless VPN users. We configured the IP pool for the relevant user group but it seems like the user's source address is the remaining as a public IP. Let us know how to issue a private IP address for the clientless users or let us know how to NAT those users for ...

Udana by L1 Bithead
  • 1632 Views
  • 0 replies
  • 0 Likes

Multiple Portals on the same firewall for SAML testing

I would like to test and then gradually deploy Azure MFA SAML authentication. So as not to interfere with the current Portal and Gateway on this firewall I would like to set up a second portal on the same firewall. Can someone tell me if this is possible and what I would need: i.e Do I need another interface with its own public IP or can I use t...

Global protect authentication

Hi team,In Global protect, is it mandatory for the user to authenticate in the portal and also in the gateway? I have tried to remove the authenticator in at least one of them so that it does not ask 2 times for user and pass without success.Any idea? why do I need both? what happens if I use different authentication profiles? Is it possible to ...

Alpalo_0-1648723055844.png
Alpalo by L4 Transporter
  • 2112 Views
  • 1 replies
  • 0 Likes

Global protect client updates unreachable in azure.

While setting up global protect from my azure palo alto appliance I noticed when I try to 'check for updates' I get this error "Failed to check upgrade info due to Unknown error. Please check network connectivity and try again." However I am able to connect to updates.paloaltonetworks.com. DNS is setup and running properly. I am even able to get...

Global Protect - Flagging security issues with Insurance companies

I have several clients that are getting push back from their Cyber Security companies about the following issues (or non Issues). We have one company refusing to renew because of it and its coming up more often. I have a ticket open with support which I have been waiting forever to hear back. How do I force a login requirement? I know it used to...

Global Protect SSO Authentication Error after 30 Minutes

We are using the default browswer option for Onelogin authentication. So when we log into the computer the default browser launches which has the Onelogin screen. When we enter the username and password it logs the GP in and then all of the applications behind Onelogin use the token in the default browser to as the credentials. If we wait until...

GP Certificate CN Mismatch issue when adding on more new Global Protect Gateway/Portal

I have two PA-820 operating in Active/Passive HA mode. The WAN set up is a dual ISP connection to a single ISP which are configured using BGP. I was adding a new Global Protect Gateway and portal that is segregated from the existing one to connect separate group of users. Separate domain name and public IP with standalone SSL Certificate created...

sisayfe by L1 Bithead
  • 3563 Views
  • 0 replies
  • 0 Likes
  • 2064 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks