01-31-2012 04:11 PM
I'm trying to setup the Globalprotect VPN and have followed the (only partially helpful) GlobalProtect-Configuration-4.1.pdf to create certs and set everything up. When I try to connect to the portal site with my browser I get a certificate error - "Error code: sec_error_bad_signature".
It doesn't matter if I conect to the host name or the IP that I defined in the cert, I still get this error.
Does anyone know what the problem could be. Also, is there a way to actually see the certificates?
06-11-2012 04:05 AM
Following these changes sorted the issue for me. Thanks.
02-22-2013 02:09 AM
I'm trying to use a certificate from our Corporate CA (Windows 2003) with GlobalConnect Gateway and Portal
I've loaded the certificate, the private key and the root certificate. I've marked the root certifcate as Trusted Root CA.
I've configured the gateway with the server certificate, but I get this error:
What kind of certificate should I issue ?
06-24-2013 06:57 AM
SistemasCajamar - Your MS PKI certificate template may not have the proper attributes set, such as client authentication, or IPSec.
07-04-2013 10:53 PM
I followed your examples for creating certificates for Global Protect.. But for some reason the portal or connecting via the Global Protect Client do not work.. The Portal just times out and client doesn't produce any errors or authentication window..
It only seems to work when l use the "web-server" local host device certificate within the Firewall.. But l don't want to use this as it is generating CN Host mismatch errors from the Global Protect Client..
We are using PAN OS " 5.0.3 and Global Protect Client 1.2.4
Thanks any help would be appreciated..
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!