We are using Software Version - 8.0.8, Global Protect Agent - 4.0.4
One user is able to connect the VPN through portal but when accessed the URL from the internet still seeing the old certificate after new certificated mapped.
We tried to reinstall the GlobalProtect client by accessing the GlobalProtect portal so the client pulls the latest certificate but no luck.
Any idea how to fix this?
Thanks in advance.
This sounds like a client browser issue more than anything else. If the user accesses the portal via a different browser (such as Firefox/Chrome) do they still receive the old certificate?
If you're not interested in root cause or a real solution and just want to get past this issue, you can try a commit force from CLI or if you want to be even more aggressive you can restart the management plane (debug software restart process management-server).
8.0.8 is about a year old and is also 8 maintenance revisions back. There aren't any clear fixes in the release notes that account for this specific behavior, there are several medium- and high-priority vulnerabilities fixed since then it may be worth upgrading first to see if the issue is resolved. Doing the upgrade also does a system restart and a commit, so you can get up to a more current version and try the debugging steps above at the same time if you're able to upgrade.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!