as you said there is one portal at `hq and gateways at multiple locations where that portal is shown on client pc? web gui which we access is called portal? where portal will show gateway information? 2 - but what if HQ portal is down? are we still able to connect? 3- why are we connecting to nearest gateway? i am in singapore so i have connected singapore portal but i am connecting to access HQ server which is in UK so how that connection will reach there?
Hi Abdul, Thanks for comment, The concept is, There will be a portal which you can configure anywhere (For example i chosen HQ). Portal will have HA configured. Once you are connected to portal, you will get gateway information and you global protect app will try to connect. Detailed video will come.
hi, thanks for the explanation, very good. I have one question: its possible to restrict the access to only a specific country? i mean, only workers in a same country? Thanks
is it possible to have an SSL VPN over IPv4? My ISP gave me for the IPv4 a private IP and I want to connect home whenever I am away, but thorough IPv6.
In the GlobalProtect Gateway configuration is that the Outside interface? Trying to setup this on AWS but the IPV4 option just gives me the None option.
In testing you installed global protect and tested the connection from home machine to inside (server) . But in Nat and policy you allowed inside to outside only how it is woking. actually u tested from outside to inside right.. please help me to understand/clarify my doubt please. waiting for a response...
Hi Balaji, The Nat policy is always from inside to outside. As the server is in our inside network like in our internal organization so whenever outside user want to access our inside server through internet and connect to Global protect for accessing the seever, so the return traffic from server to user request required NAT from inside to outside.
Good evening, I have A question. Where Do I Have to put the user for remote VPN? I have tried to log into my VPN with my user And I've couldn't log into my Palo Alto firewall
Sir Lecture and Explanation are Very Good, but I don't know why I am not able to connect PAN VPN it is showing "Gateway Gateay: The server certificate is invalid. Please contact your IT administrator"
Great video Sir! Just want to point something that I faced, if it could help someone. My GP Client does not allow me to install the first certificate created ('Root-Cert' in the video), so after install the 'Server-Cert' on Windows, the GP client keeps warning the certificate error, but does not allow to press 'continue'. Just had to manually export 'Root-Cert' from the firewall and install it on Windows as the other one.
Hello friend, could you share the images in qemu of your Palo Alto computer, and your Windows computer, to emulate the laboratory? Is it possible that with the same qemu images, I can implement the same lab in GNS3?
Hi Ranghel, Thanks for comment, Please follow the below link for Images. drive.google.com/drive/folders/1o85V30ndL25d-5cR6vMlnX6A9Cr_ZstX?usp=sharing Not Sure About, either you can run on GNS3 or Not, i believe, it is not possible.
Thanks for comment Rafi. Please download it from below link. It is there in description box as well. drive.google.com/drive/u/2/folders/1o85V30ndL25d-5cR6vMlnX6A9Cr_ZstX
@@BikashsTech Thank you so much for sharing the software.. I didn't get success in connecting GP, I will do it again from the beginning and check. once again thanks for sharing.
How to Failover set ,in case client connected wan down ....how client connect fallback ip ,also how client ssl vs ipswc connection ....see when client connect it's shows ipsec vpn
To do this practical you have used a server as shown in eve. But u have done nothing on it. So it is necessary to install this server to perform this practical. 2 if we have to install then which server it is
![Palo Alto GlobalProtect VPN Configuration Step by Step [2024]](http://i.ytimg.com/vi/Dj-rjuX9I_E/mqdefault.jpg)
more informative and anybody can understand easily .. Thanks for your videos
as you said there is one portal at `hq and gateways at multiple locations where that portal is shown on client pc? web gui which we access is called portal? where portal will show gateway information?
2 - but what if HQ portal is down? are we still able to connect?
3- why are we connecting to nearest gateway? i am in singapore so i have connected singapore portal but i am connecting to access HQ server which is in UK so how that connection will reach there?
Hi Abdul,
Thanks for comment,
The concept is, There will be a portal which you can configure anywhere (For example i chosen HQ). Portal will have HA configured.
Once you are connected to portal, you will get gateway information and you global protect app will try to connect.
Detailed video will come.
Great...
Hi ,
Is there any open source for hands-on work to do practice on it.
Very nicely explained. Thanks
Dear its great and simple
Great video, thank you for sharing!
hi, thanks for the explanation, very good. I have one question: its possible to restrict the access to only a specific country? i mean, only workers in a same country? Thanks
Not recommended. As anyone can use a proxy and bypass country limitations.
is it possible to have an SSL VPN over IPv4? My ISP gave me for the IPv4 a private IP and I want to connect home whenever I am away, but thorough IPv6.
Thanks sir you are a great teacher ...Guru ji...thanks a lot...
In the GlobalProtect Gateway configuration is that the Outside interface? Trying to setup this on AWS but the IPV4 option just gives me the None option.
you a
re great sir....nice explanation!!!!!!!!!!!!!
Thanks sir for your great explain
Thank you, it was very informative.
Superbbb Sir
And thanks for your great explanation on global protect
yes pleas we want you to explain to us how host configuration .. Thanks
In testing you installed global protect and tested the connection from home machine to inside (server) . But in Nat and policy you allowed inside to outside only how it is woking. actually u tested from outside to inside right.. please help me to understand/clarify my doubt please. waiting for a response...
Hi Balaji,
The Nat policy is always from inside to outside. As the server is in our inside network like in our internal organization so whenever outside user want to access our inside server through internet and connect to Global protect for accessing the seever, so the return traffic from server to user request required NAT from inside to outside.
Great Video, Bikash !
I have a question :
How to make it using IPSEC, instead of SSL ?
Hi Mai,
Please checkout the site to site VPN video.
Good evening, I have A question. Where Do I Have to put the user for remote VPN? I have tried to log into my VPN with my user And I've couldn't log into my Palo Alto firewall
Hi Jose,
To login to Remove VPN, we need create user.
To login into the device, we need to Create Adminitrator.
Can you explain the backend process of connectivity of Global Protect....I mean As soon as i hit the connect button how the global protect works???
Yes I did it, thank you very much my friend
Well done Bikash, your hard work is really appreciated
Thank you,
Bikash!
Hi Bikash. Can you explain in detail step by step how to migrate Cisco anyconnect vpn to Palo alto global protect?
Wonderful suggestion.
i will try to cover in upcoming videos.
Hi bikash could you please upload cisco ise video training
Hi sir...
Please guide or make tutorial about panorama.. 🙏🏻
Thanks for your video...
Could you please explain indetail of what is root cert why it is using
Server cert why it is using
Nice video.. Looking for more help for my setup..
very useful sir - thank you
Hello Sir, Please create a video on "HOST PROTECT".
I request to you please explain about SSH ciphers and SSL ciphers
good explanation
Thanks sir ,This video are very informative Please share video regarding HIP checking and user based access in global protect
Make a detailed video on clientless vpn upload.
Sir Lecture and Explanation are Very Good, but I don't know why I am not able to connect PAN VPN it is showing "Gateway Gateay: The server certificate is invalid. Please contact your IT administrator"
Yup. It is certificate issue. I have Explained in video. If issue persists. Please let me know
@@BikashsTech hi i tried the same thing and i install the certificat bit i have "the server certificate is invalid" please help me
Great video Sir! Just want to point something that I faced, if it could help someone. My GP Client does not allow me to install the first certificate created ('Root-Cert' in the video), so after install the 'Server-Cert' on Windows, the GP client keeps warning the certificate error, but does not allow to press 'continue'. Just had to manually export 'Root-Cert' from the firewall and install it on Windows as the other one.
Which laptop you use, configuration please
I am not using laptop. I am using desktop. I7 and 32 gb ram.
How to get public ip for paloalto untrust interface on eve-ng lab
your are amazing sir thanks for help...
Hi there,which is the step where configuring username and password for GlobalProtect portal?Thanks!
Hi Mgabelz,
You can create a local password or you can configure AD to authenticate.
Hello friend, could you share the images in qemu of your Palo Alto computer, and your Windows computer, to emulate the laboratory? Is it possible that with the same qemu images, I can implement the same lab in GNS3?
Hi Ranghel,
Thanks for comment,
Please follow the below link for Images.
drive.google.com/drive/folders/1o85V30ndL25d-5cR6vMlnX6A9Cr_ZstX?usp=sharing
Not Sure About, either you can run on GNS3 or Not, i believe, it is not possible.
🌹💐
Thanks for nice video. Please explane what is difference if I create loopback or tunnel for terminating VPN.
Will explain in upcoming video.
@@BikashsTech thank you
Hello Sir
Please let me know while connecting to SAML After authentication , i received an error code -1,Can you please let me know how to resolve it.
I am not able to download Globel protect from the global protect portal. can you guide
Thanks for comment Rafi.
Please download it from below link. It is there in description box as well.
drive.google.com/drive/u/2/folders/1o85V30ndL25d-5cR6vMlnX6A9Cr_ZstX
@@BikashsTech Thank you so much for sharing the software.. I didn't get success in connecting GP, I will do it again from the beginning and check. once again thanks for sharing.
Hello Sir,
what is the username and pass for global protect portal in this i am unable to log in
Thanks for comment.
You need create username and password in paloalto firewall i explained in video
@@BikashsTech thanks it worked. but how you have configured internet router ?is this any router or you have configured cloud?
What is your fees for Palo Alto class
Hi Pankaj, I do not provide Training. If i can help you with some topics or issue. Please let me know. Thanks for comment 😀
Sir, Please make vedio on ACC and Split tunneling
Bro how you upload or download global connect on paloalto
Make a video about qos
Great !
How to Failover set ,in case client connected wan down ....how client connect fallback ip ,also how client ssl vs ipswc connection ....see when client connect it's shows ipsec vpn
To do this practical you have used a server as shown in eve.
But u have done nothing on it.
So it is necessary to install this server to perform this practical.
2 if we have to install then which server it is
I have a Cisco router and enable telnet and HTTP services on it
do HIP immediaetly bro PLZZZZZZ
Move away from SSL VPN. Hackers are getting good at exploiting the SSL shared keys. Try zero trust
Dude, work on that Audio...
Thanks for your feedback. I will surely work on coming videos
Great! Thanks
Your Video not clear
Thank you good man🫶
Very helpful video ... Simple way explanation.. thank you sir