GlobalProtect App 5.0 Beta for iOS 12

by ebang 2 weeks ago - edited Tuesday by Community Manager (2,649 Views)

GlobalProtect app 4.1.x and earlier releases do not support iOS 12. With added support for iOS 12 in the upcoming GlobalProtect app 5.0 for iOS, Palo Alto Networks is announcing the beta availability of GlobalProtect app 5.0 for iOS to prepare you for the iOS 12 release.


NOTE: GlobalProtect app 5.0 beta supports iOS 10 and later releases.


You can register to test GlobalProtect app 5.0 beta at: Upon registration and approval, you will be provided with the GlobalProtect app 5.0 beta software and related documentation, including the beta Release Notes, New Features Guide, and MDM VPN profile configuration details. You can also view the beta documentation on the Live Community Beta Portal.


NOTE: After your beta registration is approved, you will receive an email from the Apple TestFlight program to the email address that you provided during registration. Please open this email from your iOS endpoint, and then follow the instructions to install the TestFlight app and then GlobalProtect app 5.0 beta from within the TestFlight app.


This article provides the following information on how to deploy GlobalProtect app 5.0 beta to beta users:


NOTE: We recommend that GlobalProtect app 5.0 beta users uninstall GlobalProtect app 4.1.x before installing GlobalProtect app 5.0 beta on their iOS endpoints.


Replacing GlobalProtect App 4.1.x and Earlier Releases with GlobalProtect App 5.0 Beta for Beta Users

Use the following workflows to replace GlobalProtect app 4.1.x and earlier releases with GlobalProtect app 5.0 beta for beta users on iOS endpoints:

Beta Deployment options


Manual installation of GlobalProtect app 5.0 beta

All beta users must use the following steps to install GlobalProtect app 5.0 beta manually:

1.     Take note of your portal address and user credentials (if applicable), as you will need to re-enter them on the new GlobalProtect app.

2.     Uninstall previous versions of the GlobalProtect app (4.1.x and earlier releases) from your iOS endpoint.

3.     Install the TestFlight app from the App Store.

4.     Contact your GlobalProtect administrator to request access to GlobalProtect app 5.0 beta.

5.     When you receive the beta invitation email, tap the link to Open in TestFlight.

6.     From the TestFlight app, INSTALL GlobalProtect app 5.0 beta.

7.     After GlobalProtect app 5.0 beta installs successfully, launch the app.

8.     When prompted, enter the following information:

·       Portal Address

·       (Optional) Username and Password

Deployment of VPN profiles for beta users from a mobile device management system

(for managed endpoints)

If you manage iOS endpoints using a mobile device management (MDM) system, use the following steps to deploy a VPN profile for your beta users from the MDM:

1.     On the MDM, create a custom VPN profile.

a.     (Optional) If you are using client certificate-based authentication, deploy a client certificate.

b.     (Optional) If you are using MDM integration for HIP-based policy enforcement, specify the UDID attribute.

2.     Deploy the custom VPN profile on all enrolled iOS endpoints that will be using GlobalProtect app 5.0 beta.

3.     Delete the VPN profiles and client certificates associated with previous versions of the GlobalProtect app (4.1.x and earlier releases) from the MDM.

After you deploy the VPN profile, beta users must re-enter any information that is not pushed from the MDM server on the new app:

1.     Launch GlobalProtect app 5.0 beta.

2.     (Optional) If your MDM administrator has not specified a portal address in the VPN profile, enter the Portal Address.

3.     (Optional) If prompted, enter your Username and Password.

Mobile Device Management Changes for Beta Users

In order for GlobalProtect app 5.0 beta to deploy and connect successfully in MDM-based deployments, you must push updated VPN profiles that reference the new GlobalProtect app from the MDM server to all enrolled mobile endpoints that will be using the app.


NOTE: You can contact your MDM vendor for assistance with implementing these changes.

by DrewMorrow
2 weeks ago
by Community Manager
2 weeks ago

Thanks for the report @DrewMorrow.

We'll review and fix asap

by Community Manager
2 weeks ago

@DrewMorrow fixed!

a week ago

I can hit the beta site with no issue. I have no devices listed and click submit, to get to the next step, but an error message appears:


"Please select devices."


So I'm still in a catch 22. The beta site says that if you don't have any devices listed, click submit. And when I do, I get the above. 


Any suggestions?





by Community Manager
a week ago



Have you gone through the registration and have you received confirmation you were onboarded succesfully?

if so, you'll want to reach out to to have your serial numbers added to the elegible devices

by DrewMorrow
a week ago

Hi @reaper

I registered but have yet to be confirmed. Will the code I get allow me to send it to a couple users? Or is it a one time use kind of thing?


Should I share the app download code once I get it?



by Community Manager
a week ago

hi @DrewMorrow


a serial of one of your devices needs to be activated to be elegible to download the software, but after that it lives on the firewall pretty much the same way other GP clients do, and you can distribute to as many users as you like

You will not be able to share the software from the support portal directly, except for other users in your org that have access to the support portal. You will be able to download the installer and distribute it internally, or host it on the firewall's GlobalProtect portal 


hope this helps!

by WTam

 Here is the correct beta registration link:



by WTam

@DrewMorrow and @reaper


The iOS beta software is by invite only.  It can only be download to Apple device only and cannot be distribute by the firewall.. 


You should have received an email with TestFlight link from Apple.

Open the  invitation and click "View in TestFlight".

It should have opened the web page with redeem code button and save this code.

Click the link to install TestFlight. After the install and open TestFlight it will say "Tester Removed". (It's OK.)

Now click REDEEM button and enter the new redeem code that you just saved.




by DrewMorrow

Hi @WTam,

Is it possible to get a user the IOS app? Or would they need to make an account and have our firewall info in order to do so?


I got it working fine on mine.



Ignite 2018, Amsterdam, Netherlands
Ask Questions Get Answers Join the Live Community