- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-29-2025 01:47 AM
Hello everyone,
I have questions about the expected behavior of GlobalProtect.
Is it correct to assume that the GlobalProtect App will operate as follows depending on whether the Portal can be connected and whether there is a cache?
(I would appreciate an early response)
1. If the Portal can be connected when the client is started and logged in, if there is a cache, the Config will not be obtained from the Portal and a tunnel connection with the Gateway will be made.
2. If the Portal can be connected when the client is booted and logged in, if there is no cache, the Portal will be connected to, the Config will be re-obtained, and a tunnel connection with the Gateway will be made.
3. If the Portal cannot be connected when the client is booted and logged in, if there is a cache, the cached information will be used to tunnel connection with the Gateway.
4. If the Portal cannot be connected when the client is booted and logged in, if there is no cache, the Portal will not be accessed again and an error will be generated.
01-29-2025 08:44 PM
Hi @Y.Tsushima ,
GlobalProtect uses cached portal config in 3 scenarios:
Under normal circumstances, the Portal connection will be attempted, once connected the Config will be obtained, and a tunnel connection with the Gateway will be made.
If you are having trouble with connectivity and you have successfully logged in previously, the client will use the cached configuration to connect to the last known Gateway. If you have never logged in and cannot connect, the client will be unable to proceed with a Gateway connection and receive an error.
01-29-2025 09:48 PM
Hello @JayGolf
Thank you for your response.
> If you have never logged in and cannot connect, the client will be unable to proceed with a Gateway connection and receive an error.
I understand that if the portal connection is not possible during client boot and login, if there is no cache (no successful login history), the client will receive an error without retrying to access the portal.
*If I have misunderstood something, I would appreciate it if you could point it out.
One more thing to confirm.
Is my understanding of the following correct?
- If a portal connection is possible when the client starts up or logs in, the cache is not used, but the config is obtained from the portal and a tunnel connection is made to the Gateway.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!