What's stored in the GlobalProtect encrypted cookie on the endpoint?

Showing results for 
Show  only  | Search instead for 
Did you mean: 

What's stored in the GlobalProtect encrypted cookie on the endpoint?

L0 Member
Does anyone know what data is stored in the GlobalProtect authentication cookie?
Is it something like a session token, session data unique to that connected VPN session? Would it contain user credential information if it's not a pre-logon setup? I know it can be setup to only be accepted from the original endpoint IP it was issued to, but is there anything else keeping it from being used on another machine?

L6 Presenter

I don't have any particular knowledge of what is in the auth cookie, but I believe it is just a cert-signed session token. I currently use auth cookies to handle login to multiple gateways (different IPs) from a single portal. Just use a unique cert for auth and copy it (and the private key) to multiple PAs.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!