Certificate Error in Global Protect Portal

L0 Member

Following these changes sorted the issue for me. Thanks.

L2 Linker


I'm trying to use a certificate from our Corporate CA (Windows 2003) with GlobalConnect Gateway and Portal

I've loaded the certificate, the private key  and the root certificate. I've marked the root certifcate as Trusted Root CA.

PaloAlto Corporate CA.png

I've configured the gateway with the server certificate, but I get this error:

Error GlobalConnect.PNG

What kind of certificate should I issue ?

L1 Bithead

SistemasCajamar - Your MS PKI certificate template may not have the proper attributes set, such as client authentication, or IPSec.

L1 Bithead

Hi Kanish,

I followed your examples for creating certificates for Global Protect..  But for some reason the portal or connecting via the Global Protect Client do not work..  The Portal just times out and client doesn't produce any errors or authentication window..

It only seems to work when l use the "web-server" local host device certificate within the Firewall..  But l don't want to use this as it is generating CN Host mismatch errors from the Global Protect Client..

We are using PAN OS " 5.0.3  and Global Protect Client 1.2.4

Thanks any help would be appreciated..


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!