GlobalProtect issue on Android device
cancel
Showing results for 
Search instead for 
Did you mean: 

GlobalProtect issue on Android device

L4 Transporter

Error message: gateway external server cert is invalid

 
Only for Android users who are using GP version 5.1 or 5.2.
 
No issues with 5.0. Using PANOS 9.1.3
 
Using Public Certificate and we only received 1 PEM file from the client.
The server cert (SSL1_Networkscomms) is standalone. Not sure how to add it to the cert chain.
 
Certificate.jpg
Added the Root CA and Intermediate CA :
 
FarzanaMustafa_0-1612932636837.png

 

Do I need to install the server cert on the Android device to make GP work?
 
1 ACCEPTED SOLUTION

Accepted Solutions

@FarzanaMustafa,

What actually signed the SSL1_Networkscomms? Sounds like the cert if possibly just signed by the intermediate CA and not the actual root CA, so you just need to create a combination certificate and import that. The following KB will walk you through that process.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkoCAC

View solution in original post

3 REPLIES 3

L0 Member

GlobalProtect for Android connects to a GlobalProtect gateway on a Palo Alto Networks next-generation firewall to allow mobile users to benefit from enterprise security protection. Enterprise administrator can configure the same app to connect in either Always-On VPN, Remote Access VPN or Per App VPN mode. The app automatically adapts to the end user's location and connects the user. echat chatspin

L4 Transporter

Hi @BPry 

 

I need your suggestion please for this one.

@FarzanaMustafa,

What actually signed the SSL1_Networkscomms? Sounds like the cert if possibly just signed by the intermediate CA and not the actual root CA, so you just need to create a combination certificate and import that. The following KB will walk you through that process.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkoCAC

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!