GlobalProtect 4.1 has been released

by a week ago - last edited a week ago (998 Views)

GlobalProtect has been around since 2012 and has received many updates and new features except for the interface, which has stayed the same up until now:  In GlobalProtect 4.1 the splash screen and settings menu have a nice facelift and a more friendly look.


Left: Mac OSX in 'always-on' mode, right: Windows 10 in 'on demand' modeLeft: Mac OSX in 'always-on' mode, right: Windows 10 in 'on demand' mode

When you access the settings settings.png


One of the new features you'll see immediately is the ability to add portals!

add multiple portals.png


This will allow you to connect to multiple different customers, partners or suppliers without changing the portal address each time, as you did before. GlobalProtect 4.1 is backwards compatible to PAN-OS 7.1, so your contacts do not need to upgrade to PAN-OS 8.1 right away to be able to receive your connections.


Another new 'feature' introduced in 4.1 is the availability of a GlobalProtect Linux client, currently supported on Ubuntu 14.04 and later, RHEL 7.0 and later, and CentOS 7.0 and later. It supports user-logon and on-demand connection methods, and it is capable of split tunneling and SSL and IPSec connections.


The Linux client can be downloaded from the Support portal Software Updates page.


If you want to check out all the new features added to GlobalPortect 4.1, check out New Features Released in GlobalProtect App 4.1.


You can download the new client (any operating system) from the support portal sofware updates page:

Or you can load the client package onto the firewall and download (Windows or Mac) it via the GlobalProtect portal:

GlobalProtect Client.png

portal download.png


Mobile versions of 4.1 are also available in the Apple AppStore and Android/Google Play Store.




Stay frosty!

Reaper out!


by Chris_Vincent

Has anyone had any issues with the agent authentication with 4.1.


I had two factor authentication setup on external gateways combined with AD authentication as a primary method of authentication.


In previous version 4.0.x global protect automatically used by windows logon credentials.  However when I now logon to windows and attempt to sign in to Global Protect the initial authentication now fails, unless I manually re-add the domain (am using kerberos).  This never happened in 4.0.x and I havent changed any of the agent or authentication settings.


Debug shows that the AD domain and user name is being passed through but this is not working.


As an aside, the RSA logon prompt cursor also appears in the username rather than password field....which suggest maybe this release is a bit unfinished...


Hi @Chris_Vincent

Have you raised this issue with support yet? Since 4.1 is brand new there could be some issues, if you do reach out to support, please keep us posted too! :)

Ask Questions Get Answers Join the Live Community