How to configure Windows 10 so it can access modern apps such as Microsoft Company Portal when connected thru GlobalProtect VPN
Created On 11/04/19 21:35 PM - Last Modified 05/18/20 21:33 PM
- There's two ways of installing GlobalProtect (GP) app on Windows 10.
- First way is to download the GP app from Microsoft Store, Universal Windows Platform (UWP) version. Here the native VPN Group Policy is preconfigured and modern apps such as Microsoft company Portal works fine.
- The second way is to download the GP app from Palo Alto Support Portal or GlobalProtect portal (firewall). Here the VPN Group Policy must be modified on the local Windows machine for modern apps to work correctly.
- This article explains how to configure the VPN Group Policy when the app is downloaded from the Support Portal or GP Portal.
- Windows 10 all versions.
- GlobalProtect version 4.1 and above.
- PAN-OS 7.1 and above.
To allow modern applications hosted in the Microsoft Company portal when using the GP app. Please follow the steps below.
- From local Windows 10 search bar, type in "gpedit"
- Navigate to Computer Configuration/Administrative Templates/Network/Network Isolation and Enable Subnet Definitions are authoritative.
- Enable Private Networks ranges for Apps and add the internal network subnet range that the GP client needs to have access to.
- Restart the Windows machine.
- After the restart, log back into the Global Protect portal and verify the client is able to access the applications hosted in the Company Portal.