- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
03-29-2018 03:17 AM
We have upgraded our firewall to version 8.1 and the GlobalProtect agent to 4.1.
We use a certificate to authenticate with our GlobalProtect Agent but after the upgrade (8.0.5 and 4.0.3) nobody can't authenticate anymore.
In the logs I always see this:
First
'GlobalProtect portal user authentication succeeded. Login from: 10.1.2.10, Source region: 10.0.0.0-10.255.255.255, User name: STSCH@zeb.be, Auth type: client certificate.Client OS version: Microsoft Windows 10 Pro , 64-bit
After:
GlobalProtect portal client configuration failed. Login from: 10.1.2.10, Source region: 10.0.0.0-10.255.255.255, User name: STSCH@zeb.be, Client OS version: Microsoft Windows 10 Pro , 64-bit
03-29-2018 07:40 AM
The problem is in the PanOS version 8.1 and userID agent 8.1. UserID indentification does not work in the releases.
If you use this in your company don't upgrade to 8.1.0
03-29-2018 03:41 AM
is the portal/agent/config set to any user/group
03-29-2018 04:08 AM - edited 03-29-2018 04:13 AM
But now it is set to a specific security group in our Active-Directory. I'm member of this group and it worked before!
You solution works, but I would really like the Active Direcotry group.
03-29-2018 04:31 AM
I think I see what the problem is. I needed to install new UserID agents (8.1.0-66) and my users doesn't get mapped properly.
03-29-2018 06:00 AM - edited 03-29-2018 06:01 AM
i was not offering it as a solution, because of the log output that you provided it was obvious that the issue was with agent permissions.
03-29-2018 07:40 AM
The problem is in the PanOS version 8.1 and userID agent 8.1. UserID indentification does not work in the releases.
If you use this in your company don't upgrade to 8.1.0
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!