GlobalProtect Discussions | Palo Alto Networks

Assign Fixed IP Address to Global Protect Users with ldap+radius

Hi all,

I've tried to assign a static ip address to global protect connection using this kb https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UkxCAE but it doesn't work.

The support says that if we have ldap auth for username/p

...

GlobalProtect IPSec configuration

We have been using GlobalProtect for awhile but I just became aware that none of our clients are connected using IPSec even though the option is checked.

I can't see anything being blocked so I am wondering if it is a configuration issue of some kind

...

Resolved! GlobalProtect - Slack split tunnel stopped working for some users

Hello,

I have a case open but I thought I would post here in case someone had seen this. Most of our users use GP client 5.2.6. We are going to force an upgrade to 5.2.8 soon. In the mean time we have encouraged people to start upgrading when they

...

GlobalProtect connects, but doesn't download client updates on some MACs

We've setup a 3220 firewall to transparently download and install the GlobalProtect client to our MAC users. Once the client is Activated it gets pushed and installed on most of our user's MACs. About 25% of them though don't update to the new client

...

Since Migrating to PA-460 PAN-OS 10.1.3, SMS-message-based multi-factor authentication (MFA) did not display a prompt to enter the authentication code

Since Migrating to PA-460 PAN-OS 10.1.3, from PA-3020 PA-OS 9.1....... SMS-message-based multi-factor authentication (MFA) did not display a prompt to enter the authentication code.

PA-3020 with PAN OS 9.1

Firewall forwards incoming Global Protect a

...

GlobalProtect SSL error

(P19520-T11728)Dump (1338): 02/09/22 16:16:12:010 SSL_connect: initialization (P19520-T11728)Dump (1338): 02/09/22 16:16:12:010 SSL_connect: write client hello A (P19520-T11728)Dump (1355): 02/09/22 16:16:12:059 SSL_connect:error in SSLv2/v3 read ser...

Resolved! Global Protect users cant connect - certificate out of date

Hello,

I have over 1000 users and just this week some users (maybe 10) have not been able to connect to Global Protect from home. I worked out its because their ROOTCA has expired under Manage Certificates on their laptop. Its been working for 2 ye

...

Resolved! How to generate report for Global Protect versions on endpoint

Hi Palo Alto community,

I am new to Global Protect management portal. I have the access to view the firewall and I would like to see what version of Global Protect are all the end users are using. Is there a way for me to generate the up to date repo

...

Resolved! GlobalProtect preferred release

Is there any preferred/most stable GlobalProtect client release as of February 2022?

Thank you.

Resolved! Dynamic Updates - GlobalProtect Data File

Hi all,

We are running a VM100. Should the GlobalProtect data file be getting regular updates? WildFire and the ThreatDB are working fine, but the last update for the GlobalProtect Data file is November 2020. I believe this is used for HIP information

...

Possible DNS Issue after GlobalProtect upgrade

Our GlobalProtect firewalls are running version 8.1.15 and another 9.1.4. We allow Split Tunnel, and one firewall has a 0.0.0.0/0 Include Access Route, and the other does not. Both don’t have any Excluded routes. The one firewall (9.1.4) does have a

...

Resolved! Carbon black incomplete definition data

When matching HIP objects for definitions updated within 30 days a majority of my users failed. I noticed carbon black does not show the data I need under definition version or data. Has anyone else seen this?

What's stored in the GlobalProtect encrypted cookie on the endpoint?

Does anyone know what data is stored in the GlobalProtect authentication cookie?

Is it something like a session token, session data unique to that connected VPN session? Would it contain user credential information if it's not a pre-logon setup? I kno

...

Resolved! GlobalProtect immediate gateway-logout after gateway-register, no errors to be found in firewall monitoring

Hi LIVEcommunity,

starting yesterday a select few (but increasing) amount of our GlobalProtect users can't establish a connection anymore. I checked the firewall's logs and can't find any hint as to what causes the issues, as most other users seem to

...

Global Protect traditional and ADEM

Is Global protect without Prisma ever going to get anything related to what ADEM does for prisma? Would be super nice if some of the features would report back to local FW, or even just hold some information on the client for troubleshooting purpos

...

Discussions

Assign Fixed IP Address to Global Protect Users with ldap+radius

GlobalProtect IPSec configuration

Resolved! GlobalProtect - Slack split tunnel stopped working for some users

GlobalProtect connects, but doesn't download client updates on some MACs

Since Migrating to PA-460 PAN-OS 10.1.3, SMS-message-based multi-factor authentication (MFA) did not display a prompt to enter the authentication code

GlobalProtect SSL error

Resolved! Global Protect users cant connect - certificate out of date

Resolved! How to generate report for Global Protect versions on endpoint

Resolved! GlobalProtect preferred release

Resolved! Dynamic Updates - GlobalProtect Data File

Possible DNS Issue after GlobalProtect upgrade

Resolved! Carbon black incomplete definition data

What's stored in the GlobalProtect encrypted cookie on the endpoint?

Resolved! GlobalProtect immediate gateway-logout after gateway-register, no errors to be found in firewall monitoring

Global Protect traditional and ADEM

Panorama managed - Global protect SAML cert renew - IDP xml import wrong expiry

Gloabl Protect -Gateway selection

SPlit tunneling issue on GlobalProtect

Global Protect VPN only on domain joined devices

GP User-logon (Always On) doesn't connect

Re: Adding PA DR site globalprotect SSL-VPN gateway

Re: GlobalProtect Not Working on macOS (Sequoia 15.5)

Re: We're encountering a GlobalProtect error stating 'Certificate is not within its validity period,' despite this being a newly configured Palo Alto

Re: GlobalProtect Not Working on macOS (Sequoia 15.5)

Re: What does it mean Stage and Event GlobalProtect Fields?

Unlock your full community experience!

Resolved! GlobalProtect - Slack split tunnel stopped working for some users

Resolved! Global Protect users cant connect - certificate out of date

Resolved! How to generate report for Global Protect versions on endpoint

Resolved! GlobalProtect preferred release

Resolved! Dynamic Updates - GlobalProtect Data File

Resolved! Carbon black incomplete definition data

Resolved! GlobalProtect immediate gateway-logout after gateway-register, no errors to be found in firewall monitoring