>
    Strata Copilot
    Supported Technologies
    Focus
    Download PDF
    Focus
    1. Home
    2. GlobalProtect
    3. GlobalProtect Administrator's Guide
    4. GlobalProtect Clientless VPN
    5. Supported Technologies
    Download PDF
    GlobalProtect

    Supported Technologies

    Table of Contents

    Supported Technologies

    Where Can I Use This?What Do I Need?
    • NGFW (managed by Panorama or Strata Cloud Manager)
    • Prisma Access (managed by Panorama or Strata Cloud Manager)
    • GlobalProtect Gateway license or Prisma Access license with the Mobile User subscription
    You can configure the GlobalProtect portal to provide secure remote access to common enterprise web applications. For best results, make sure you thoroughly test your Clientless VPN applications in a controlled environment before deploying them or making them available to a large number of users.
    The following Web application technologies are not supported:
    • Non-Web applications such as SSH, FTP, SMTP, Remote desktop protocol (RDP), and so forth
    • HTTP 2.0
    • Non-UTF-8 encodings
    • IPv6 deployment
    • Multiple transactions in HTTP such as NT LAN Manager (NTLM) authentication
    • Javascript ES6
    • Files are not rewritten other than HTML, Javascript, and CSS (for example, Flash, Java Applet, Microsoft Silverlight, PDF, XML, and so forth)
    • Other technologies (for example, Microsoft Silverlight or XML/XSLT)
    • Any content encodings (for example, Accept-Encoding: defalte, br)
    Technology
    Supported Version
    Web application technologies
    UTF-16 encoded files are not supported.
    • HTML
    • HTML5
    • HTML5-Web-Sockets
    • Javascript ES5 or earlier
    • RDP, VNC, or SSH
      • Virtual Desktop Infrastructure (VDI) and Virtual Machine (VM) environments, such as Citrix XenApp and XenDesktop, VMWare Horizon and vCenter support access natively through HTML5. You can RDP, VNC, or SSH to these machines through Clientless VPN without requiring additional third-party middleware.
      • In environments that do not include native support for HTML5 or other web application technologies supported by Clientless VPN, you can use third-party vendors, such as Thinfinity, to RDP through Clientless VPN.
    • Adobe Flash—With Clientless VPN, browsers can serve content that uses Adobe Flash, Microsoft Word documents, or Adobe PDFs. However, Clientless VPN cannot rewrite HTML URLs or links within Adobe Flash, Microsoft Word documents, or Adobe PDFs, which can prevent the content from rendering correctly.
    • Content encodings (for example, Accept-Encoding: gzip)
    Operating systems
    • Windows
    • macOS
    • iOS
    • Android
    • Chrome
    • Linux
    Supported browsers
    • Chrome
    • Edge
    • Internet Explorer
    • Safari
    • Firefox
    Supported authentication methods
    • Local Authentication
    • External Authentication
      • LDAP
      • SAML
      • Kerberos
      • RADIUS or TACACS+
    • Client Certificate Authentication
    • Two-Factor Authentication

    © 2026 Palo Alto Networks, Inc. All rights reserved.