This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

Command to Disconnect Global Protect VPN

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Command to Disconnect Global Protect VPN

Jon_Palo92
L1 Bithead

‎10-28-2025 08:04 AM

I'm looking for a PowerShell script or commands to disconnect the Global Protect VPN and preventing the auto connection happen again and enforce the user to enter the credentials again.

 

 

In addition, I need same thing for MacBook devices. Thank you!.

0 Likes Likes
2 REPLIES 2

kiwi
Community Team Member

‎10-28-2025 09:29 AM

Hi @Jon_Palo92 ,

 

GlobalProtect is designed to be fully configurable by your organization's IT department to prevent users from disconnecting.

The goal of this configuration is often to enforce a "mandatory always-on" security posture, ensuring your device remains protected and compliant with company policy at all times. If the administrator sets the connection method to "Always On" and disables the option to disconnect in the Portal configuration, the VPN client will reconnect after any disruption or forced shutdown.

 

Since the ability to disconnect is controlled by your organization's security policy and firewall administrator you should reach out directly to your company's IT Help Desk or Security Department.  They are the only ones who can verify your current security policy and make the necessary changes to the GlobalProtect Portal configuration to allow you to disconnect or to change your connection settings.

 

It kinda depends on your connect method and whether or not disconnecting is allowed in your GP portal configuration:

 

kiwi_0-1761668836758.png

 

Kind regards,

-Kim.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
0 Likes Likes

Jon_Palo92
L1 Bithead
In response to kiwi

‎10-28-2025 10:52 AM

Hello @kiwi 

I’m working on a project where I need to apply a script to disconnect non-managed devices. So far, I’ve managed to send a command to disconnect the GlobalProtect VPN session on a Windows machine. However, as you’re aware, it automatically reconnects without requiring the user to enter their credentials again. I understand this behavior is due to the current settings in the Palo Alto firewall.

 

My question is: Is there a way on the Windows device to clear the cache, session, or any other stored data that would force the user to re-enter their credentials when the VPN reconnects or auto-connects?

0 Likes Likes
  • 94 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks