GlobalProtect Portals General Tab
Table of Contents
Expand all | Collapse all
-
- Firewall Overview
- Features and Benefits
- Last Login Time and Failed Login Attempts
- Message of the Day
- Task Manager
- Language
- Alarms
- Commit Changes
- Save Candidate Configurations
- Revert Changes
- Lock Configurations
- Global Find
- Threat Details
- AutoFocus Intelligence Summary
- Configuration Table Export
- Change Boot Mode
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > Devices
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > Mobile Network Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Packet Broker Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > VLANs
- Network > Virtual Wires
-
- Network > Routing > Logical Routers > General
- Network > Routing > Logical Routers > Static
- Network > Routing > Logical Routers > OSPF
- Network > Routing > Logical Routers > OSPFv3
- Network > Routing > Logical Routers > RIPv2
- Network > Routing > Logical Routers > BGP
- Network > Routing > Logical Routers > Multicast
-
- Network > Routing > Routing Profiles > BGP
- Network > Routing > Routing Profiles > BFD
- Network > Routing > Routing Profiles > OSPF
- Network > Routing > Routing Profiles > OSPFv3
- Network > Routing > Routing Profiles > RIPv2
- Network > Routing > Routing Profiles > Filters
- Network > Routing > Routing Profiles > Multicast
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Setup > ACE
- Device > Setup > DLP
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
- Device > Device Quarantine
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Certificate Management > SSH Service Profile
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > SCP
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
- Device > Policy Recommendation > IoT
- Device > Policy > Recommendation SaaS
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Server Profiles > SCP
- Panorama > Scheduled Config Export
- Panorama > Device Registration Auth Key
GlobalProtect Portals General Tab
- NetworkGlobalProtectPortals<portal-config>General
Select the General tab to define the network
settings that the GlobalProtect app uses to connect to the GlobalProtect portal.
Optionally, you can disable the login page or specify a custom portal
login and help pages for GlobalProtect. For information on how to create
and import custom pages, refer to Customize the Portal Login, Welcome, and HelpPages in
the GlobalProtect Administrator’s Guide.
GlobalProtect Portal
Settings | Description |
|---|---|
Name | Type a name for the portal (up to 31 characters).
The name is case-sensitive and must be unique. Use only letters,
numbers, spaces, hyphens, and underscores. |
Location | For a firewall that is in multiple virtual
system mode, the Location is the virtual
system (vsys) where the GlobalProtect portal is available. For a
firewall that is not in multi-vsys mode, Location selection
is not available. After you save the portal, you cannot change Location. |
Network Settings | |
Interface | Select the name of the firewall interface
that will be the ingress for communications from remote endpoints
and firewalls. Do not attach an interface
management profile that allows Telnet, SSH, HTTP, or HTTPS to an
interface where you have configured a GlobalProtect portal or gateway
because this will expose the management interface to the internet.
Refer to Adminstrative Access Best Practices for
more details on how to protect access to your management network. |
IP Address | Specify the IP address on which to run the
GlobalProtect portal web service. Select the IP Address
Type and then enter the IP Address.
|
Log Settings | |
Log Successful SSL Handshake | (Optional) Creates detailed logs
of successful SSL Decryption handshakes. Disabled by default. Logs
consume storage space. Before you log successful SSL handshakes,
ensure you have the resources available to store the logs. Edit DeviceSetupManagementLogging and Reporting Settings to
check the current log memory allocation to and re-allocate log memory
among log types. |
Log Unsuccessful SSL Handshake | Creates detailed logs of unsuccessful SSL
Decryption handshakes so you can find the cause of decryption issues.
Enabled by default. Logs consume storage space. To allocate
more (or less) log storage space to Decryption logs, edit the log
memory allocation (DeviceSetupManagementLogging and Reporting Settings). |
Log Forwarding | Specify the method and location to forward
GlobalProtect SSL handshake (decryption) logs. |
Appearance | |
Portal Login Page | (Optional) Choose a custom login
page for user access to the portal. You can select the factory-default page
or Import a custom page. The default is None.
To prevent access to this page from a web browser, Disable this
page. |
Portal Landing Page | (Optional) Choose a custom landing
page for the portal. You can select the factory-default page
or Import a custom page. The default is None. |
App Help Page | (Optional) Choose a custom help
page to assist the user with GlobalProtect. You can select the factory-default page
or Import a custom page. The factory-default help
page is provided with the GlobalProtect app software. If you select
a custom help page, the GlobalProtect portal provides the help page
with the GlobalProtect portal configuration. When you leave the default
value of None, the GlobalProtect app suppresses
the page and removes the option from the menu. |