Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
About ChrisVee
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About ChrisVee
08-23-2021
3Posts
2Likes
0Solutions
Aug 23, 2021Last Visited
User
Activity
User
Profile
Latest posts by ChrisVee
| Subject | Views | Posted |
|---|---|---|
| 699 | 08-10-2021 11:11 PM | |
| 3152 | 05-06-2020 05:18 PM | |
| 3178 | 05-06-2020 04:34 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 08-10-2021 11:11 PM | |
| 1 Like | 05-06-2020 05:18 PM |
User Badges
Community Statistics
| Member Since | 11-13-2018 01:57 PM |
| Date Last Visited | 08-23-2021 08:48 PM |
| Posts | 3 |
| Total Likes Received | 2 |
08-10-2021
11:11 PM
1 Kudo
I manage many GlobalProtect VPN environments. One inparticular annoys me, in its portal configuration it uses the Palo Alto web browser for SAML authentication. As a result .... because I have used the GP web browser for authentication in the past.... I can't seem to clear the user it tries to authenticate with against other GlobalProtect environments who also are using SAML web browser auth via the GlobalProtect browser. Portal address --> SAML AUTH --> AzureAD --> GP Browser popup (stuck with username from previous login). Unfortunately I don't have the authority to change it to use the user's default browser, which would work around this issue. How can I clear the logged in user being used in GlobalProtect web's browser so i can login to different GP saml auth portals?
... View more
05-06-2020
05:18 PM
1 Kudo
Resolved ! So it wasn't any content change, in the end or anything, it was due to someone removing my access to the destination via RDP in the past week with user-id restrictions on the destination. This resulted in the policy-deny to take place, but still, the odd thing is the App-id recognised ONLY in the deny messages is cotp. Once I corrected the group membership and my user-id was allowed in, the app-id was recognised as ms-rdp correctly. Hope this helps someone else. Maybe something to correct from a firewall traffic log standpoint, this would have streamlined troubleshooting if the traffic was blocked and the app-id read ms-rdp as expected.
... View more
05-06-2020
04:34 PM
Did you end up resolving this ? PANOS 8.1.12 App content 8264-6059 installed. Was working last week. Now I log into a client site and instead of ms-rdp , my traffic is blocked cotp as the app-id. Confirmed its TCP traffic. I prefer not to just add cotp to my security policy, since that doesn't really fix the problem just works around it and adds something I'm not condoning at this point.
... View more
LEGAL NOTICES
Copyright 2007 - 2021 - Palo Alto Networks
