GlobalProtect Quickplays

Showing results for 
Show  only  | Search instead for 
Did you mean: 
L4 Transporter
No ratings

Brief Description

A set of GlobalProtect API and set command configuration skillets based on the Quick Config Guides


Target Audience

This skillet is intended for Palo Alto Networks SEs, PSEs, Partners, and Customers that are using GlobalProtect and need a quick start configuration helper


Solution Details


Github Location:

Github Branches: panos_v90

PAN-OS Versions Supported: 9.x

Type of Skillet: panos, template (set commands)

Collections: globalprotect


Full Description

This skillet set is based on the GlobalProtect Quick Config guides and covers two common configuration options:


  1. Remote Access VPN
  2. Remote Access VPN with Pre-Logon


Remote Access VPN

Configures GlobalProtect elements including the gateway and portal. Also included is a reference LDAP auth profile and a local DB reference user.


Remote Access VPN with Pre-Logon

Adds pre-logon to the remote access VPN. Pre-logon is a connect method that establishes a VPN tunnel before a user logs in. The purpose of pre-logon is to authenticate the endpoint (not the user) and enable domain scripts or other tasks to run as soon as the endpoint powers on. Machine certificates enable the endpoint to establish a VPN tunnel to the GlobalProtect gateway. A common practice for IT administrators is to install the machine certificate while staging the endpoint for the user.


Deployment Note

These configs create security rules that do not contain any sort of security profile or logging configuration. Please utilize the best practice security profiles from the iron-skillet repository on the rules that get created and read the Best Practices documentation before deploying.




Rate this article:
Register or Sign-in
Article Dashboard
Version history
Last Updated:
‎03-09-2021 05:23 AM
Updated by: