Checking if Global Protect is active (connected) via script or command line

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Checking if Global Protect is active (connected) via script or command line

L1 Bithead

Hello Team,


I would like to find out if there's an option to check if Global Protect agent is connected and VPN is active using Windows CMD or PowerShell script?




Cyber Elite
Cyber Elite


From the client endpoint or through the firewall? Both would be relatively simple:


Client Endpoint

There's multiple ways to do this, anything from parsing ipconfig information to seeing if you can access an internal resource and using the response to return status. The surefire way would be to parse Get-NetAdapter response and find the status of PANGP Virtual Ethernet Adapter. Something like this and then parse the returned status to check if it's Up, or Disabled:

Get-NetAdapter | Where-Object {$_.InterfaceDescription -like "PANGP Virtual Ethernet Adapter*"} | Select-Object Status


Via Firewall

I'd personally right a script to just check if the requested user/machine is showing active on GlobalProtect using the API. 

Would it also be possible to check if I'm connected to the correct portal as well and not just GlobalProtect?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!