This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

GlobalProtect issue on Android device

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

GlobalProtect issue on Android device

Go to solution
FarzanaMustafa
L4 Transporter

‎02-09-2021 08:52 PM

Error message: gateway external server cert is invalid

 
Only for Android users who are using GP version 5.1 or 5.2.
 
No issues with 5.0. Using PANOS 9.1.3
 
Using Public Certificate and we only received 1 PEM file from the client.
The server cert (SSL1_Networkscomms) is standalone. Not sure how to add it to the cert chain.
 
Certificate.jpg
Added the Root CA and Intermediate CA :
 
FarzanaMustafa_0-1612932636837.png

 

Do I need to install the server cert on the Android device to make GP work?
 
1 accepted solution

Accepted Solutions

Go to solution
BPry
Cyber Elite
Cyber Elite
In response to FarzanaMustafa

‎02-10-2021 02:12 PM

@FarzanaMustafa,

What actually signed the SSL1_Networkscomms? Sounds like the cert if possibly just signed by the intermediate CA and not the actual root CA, so you just need to create a combination certificate and import that. The following KB will walk you through that process.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkoCAC

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
ihateds
L0 Member

‎02-09-2021 11:53 PM - edited ‎04-15-2021 10:39 PM

GlobalProtect for Android connects to a GlobalProtect gateway on a Palo Alto Networks next-generation firewall to allow mobile users to benefit from enterprise security protection. Enterprise administrator can configure the same app to connect in either Always-On VPN, Remote Access VPN or Per App VPN mode. The app automatically adapts to the end user's location and connects the user. echat chatspin

0 Likes Likes

Go to solution
FarzanaMustafa
L4 Transporter

‎02-10-2021 01:15 PM

Hi @BPry 

 

I need your suggestion please for this one.

0 Likes Likes

Go to solution
BPry
Cyber Elite
Cyber Elite
In response to FarzanaMustafa

‎02-10-2021 02:12 PM

@FarzanaMustafa,

What actually signed the SSL1_Networkscomms? Sounds like the cert if possibly just signed by the intermediate CA and not the actual root CA, so you just need to create a combination certificate and import that. The following KB will walk you through that process.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkoCAC

0 Likes Likes
  • 1 accepted solution
  • 4377 Views
  • 3 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks