This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
GlobalProtect Discussions
GlobalProtect discussions offers topics about our network security for endpoints that protects your organization's mobile workforce. This area is dedicated to GlobalProtect discussions to help you answer questions.
About GlobalProtect Discussions
Welcome to the GlobalProtect discussion area! Here, you can engage in conversations about GlobalProtect, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on GlobalProtect.

Discussions

Start a conversation

GP with split tunnel and one single Domain added with a specific Port not working

In GP the configuration was to have split tunnel with RFC 1918 Subnets only, there is one *.something.com ( Internet service ) added in the include domain and with a specific port 1443. But there are other traffic also started coming through tunnel with different ports, not only 1443. Any reason for it, The include domain with port won't work he...

GlobalProtect machine cert pre-login OR SAML

My customer switched from a cloud URL filter to PAN-OS on-prem. For remote users to be filtered, they must be connected to the network in this case via GP. To force those endpoints to always be protected, the VPN must be always-on and ideally users prevented from disabling the client. Without pre-login or cert auth, the endpoint is unprotected u...

mb_equate by L3 Networker
  • 2568 Views
  • 0 replies
  • 0 Likes

GP could limit AD account on computer

hello, I have a question , Can the GP solution solve the following scenariosThe computer of terminal A has joined the domain (AD). one user login to the terminal with domain account a, and then restricts the user to dial GP with account a instead of other accounts ?

Felixcao by L3 Networker
  • 1467 Views
  • 0 replies
  • 0 Likes

Group Policy not applying to laptop connected to VPN

I haven't been able to get Start Layout GPO to work for laptops that connect over VPN. I followed the Use Connect Before Logon guide to get my laptop connected to our domain before signing into a user account but for whatever reason the Group Policy is still not changing my settings. https://docs.paloaltonetworks.com/globalprotect/5-2/globalprot...

GRattu by L0 Member
  • 3456 Views
  • 0 replies
  • 0 Likes

GlobalProtect MFA with Kerberos and RSA

Hello everyone, Palo Alto noobie here 🙂I am trying to configure GlobalProtect VPN with MFA authentication using Kerberos authentication protocol against AD and RSA hard tokens.I have configured the GlobalProtect portal and gateway using different loopbacks. For the portal authentication I am using only Kerberos while for the gateway authenticat...

netgirl by L0 Member
  • 2158 Views
  • 0 replies
  • 0 Likes

Global Protect - frequent drops with SQL Server Management Studio....not with Windows VPN

Getting users complaining about frequent disconnects when the use SQL Server Management Studio over Global Protect....but when they are connected with the old school Windows PPTP VPN, it never drops. Not only that, they say it is faster.My GP policy is pretty open and not seeing any drops in the logs. Since it works with Windows VPN and gives me...

Assigning the same IP to a GP client based on it's MAC address

I'm trying to connect a client computer to my corporate network via global protect, and once I'm connected, I need to print to that computer through the Linux service called CUPS. In order to print to this computer, I need to know what it's IP address is. So, once I connect the client computer to the internet, download global protect, and connec...

Jamescy by L0 Member
  • 3910 Views
  • 2 replies
  • 0 Likes

GP with SAML to Azure not prompting MFA on phone

Hello Everyone, GP is fully configured but there is an issue with SAML authentication to Azure. The authentication part is fine but I am not getting prompted on my phone for MFA. In fact my Azure credentials need to be entered twice before the client connects. Any idea what could be going on? Thank in you in advance.

GP client keeps prompting for credentials even with save user cred selected in portal config.

Hello, So as the title says, but the catch is this is not consistent - one user we tested with GP client 5.2.7 and .10 and .4 and he logs in without the credentials prompt. But for others with 5.2.4 it keeps prompting for login after every time it disconnects.. This should be a good thing right, but oh well, their users are complaining so they w...

  • 2062 Posts
  • 68 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks