Globalprotect Portal failure

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Globalprotect Portal failure

L1 Bithead

I tried to replicate a Globalprotect portal setup from another site and it fails with the following message:


  • GlobalProtect portal(Kawailoa_Portal) setting is invalid: auth-profile exist(method none), client-cert-profile none(no username).
  • (Module: sslvpn)
  • Commit failed


What am I missing?



Accepted Solutions

I'm sorry but @emr_1's identification of the issue/resolution is incorrect.  (If your desire is only cert auth)


Like @MickBall stated, if you're just wanting to do cert based auth you don't need anything in that main auth field.



Even @GIT_Sean mentioned the correct place as well.  For accuracy the correct "resolved" post should be identified.  (Now if you're doing more than cert auth and doing user auth as well then something is needed in the "Client Authentication" field)



View solution in original post


L5 Sessionator

You need to configure Client Authentication field.


If you just require certificate authentication then you may need to modify your certificate profile username field.

Cyber Elite
Cyber Elite

Hi @GIT_Sean,


The error message tells you that you haven't configured any authentication method for the portal.

It is surprising that only the SSL/TLS service profile is required field on this tab, but actually you need to define authentication method.


You can configure:

- Client authentication pointing to specific authentication profile (for RADIUS, TACACS, LDAP etc)

- Client machine certificate authentication only

- Or both - authentication profile and machine cert (this will require the user to put his credentials and to provide valid machine certificate


Looking at the error message it seems you haven't selected any authentication profile. If I am guessing you have copy-pasted the set commands for the portal, but you have forgot to copy-past the set commands for the server profile and the relevant authentication profile. For that reason when you have put the set commands for the portal, the line for configuring the client authentication was referring to invalid auth profile, there for it is being set to none.


Double check the setup you are trying to replicate and confirm what type of authentication you are using.

Thanks for the quick replies everyone. It turned out, I had an Authentication profile created, but I had failed to select a type (was set to None). Set it to Local Database, and it works now.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!