Checking if GlobalProtect status is active (connected) via script or command line

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Checking if GlobalProtect status is active (connected) via script or command line

L0 Member

Hello Team,

 

I would like to find out if there's an way to check if GlobalProtect agent status is connected and VPN is active on Macintosh using bash or zsh command line or script.

 

Thanks.

3 REPLIES 3

L6 Presenter

Have you tested this?

 

"C:\Windows\system32\sc.exe" query pangps | find "STOPPED"

scquery pangps | find "STOPPED"

https://www.crowdstrike.com/blog/exploiting-escalation-of-privileges-via-globalprotect-part-1/

"sc" seems the command line tool for this job.

Hi @nikoolayy1 ,

 

I wouldn't agree you could determine the status of GP tunnel (connected or not connected), just by looking at PanGPS service status.

PanGPS service will still be running even if it is not currently connected to any GP gateway.

 

@Eljay123 ,

If you only need to know if GP is connected or not, you could probably just look at interfaces and see if tunnel interface for PanGP is present. You could also check routing table for routes pointing to the tunnel.

You are right. I tried to find if there are some documented windows terminal/powershell commands like the ones for Linux https://docs.paloaltonetworks.com/globalprotect/5-1/globalprotect-app-user-guide/globalprotect-app-f... but I found an old post:

 

https://live.paloaltonetworks.com/t5/globalprotect-discussions/checking-if-global-protect-is-active-...

 

Get-NetAdapter | Where-Object {$_.InterfaceDescription -like "PANGP Virtual Ethernet Adapter*"} | Select-Object Status
  • 5767 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!