This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Anyone got Global Protect 6.1.0 for Linux to work on Ubuntu 22.04?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Anyone got Global Protect 6.1.0 for Linux to work on Ubuntu 22.04?

Go to solution
Jonas_thell
L0 Member

‎03-27-2023 06:04 AM - edited ‎03-27-2023 06:22 AM

We had a quick test and still got the SSL handshake failure. Anyone got it to work and can share anything on how?

 

The version 6.1.0 is supposed to work on Ubuntu 22.04.

 

Thanks!

 

Br

Jonas

1 person had this problem.
0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
JonGross
L1 Bithead

‎03-27-2023 09:09 AM

Yes, we have it working.

When connecting to Global Protect and authenticating to Azure SAML, the embedded browser on Linux machines will fail during TLS handshaking .    Force the client to use Firefox or what ever is the default browser.
 
Stop the Global Protect service.
sudo systemctl stop gpd.service
 
Create a new entry in the /opt/paloaltonetworks/globalprotect/pangps.xml configuration file.  Set the default-browser value to yes under <Settings>.
 
Example:
 
<?xml version="1.0" encoding="UTF-8"?>
<GlobalProtect>
    <Settings>
        <default-browser>yes</default-browser>
        
   <Settings>
 
Reboot. 
 

View solution in original post

8 REPLIES 8

Go to solution
JonGross
L1 Bithead

‎03-27-2023 09:09 AM

Yes, we have it working.

When connecting to Global Protect and authenticating to Azure SAML, the embedded browser on Linux machines will fail during TLS handshaking .    Force the client to use Firefox or what ever is the default browser.
 
Stop the Global Protect service.
sudo systemctl stop gpd.service
 
Create a new entry in the /opt/paloaltonetworks/globalprotect/pangps.xml configuration file.  Set the default-browser value to yes under <Settings>.
 
Example:
 
<?xml version="1.0" encoding="UTF-8"?>
<GlobalProtect>
    <Settings>
        <default-browser>yes</default-browser>
        
   <Settings>
 
Reboot. 
 

Go to solution
Jonas_thell
L0 Member
In response to JonGross

‎03-30-2023 04:07 AM

Thank you for this solution!

 

Br

Jonas

0 Likes Likes

Go to solution
raghavendra.badiger
L2 Linker

‎05-09-2023 08:17 AM

This doesn't work for me, I get following error:

 

Authentication Failed

Please contact the adminsitrator for further assistance

Error code: -1

 

I have SAML authentication setup and authentication is successful on the machine. Has anyone seen this error before?

 

Regards,

Raghav

 

0 Likes Likes

Go to solution
JonGross
L1 Bithead

‎05-09-2023 08:29 AM

You can try this.  It disables OpenSSL version 3. This is using the GUI version on Ubuntu 22.

Modify the file /usr/lib/ssl/openssl.cnf.
At the end of the file you’ll see:

[system_default_sect]
CipherString = DEFAULT:@SECLEVEL=2

Change that to:
[system_default_sect]
CipherString = DEFAULT:@SECLEVEL=1
Options = UnsafeLegacyRenegotiation

Reboot and connect to the GP VPN portal.

0 Likes Likes

Go to solution
raghavendra.badiger
L2 Linker
In response to JonGross

‎05-15-2023 12:25 AM

I tried this too, since Ubuntu 22 has issues with SSL.

 

Both GUI and CLI GlobalProtect doesn't work, tried multiple reboots as well.

0 Likes Likes

Go to solution
juan.molleda
L0 Member

‎06-12-2023 03:50 AM

Using Okta, the GUI version works for me, but I am struggling to enable the CLI version

0 Likes Likes

Go to solution
cdoublejj
L0 Member

‎11-07-2024 07:15 AM

i get 90% of the way there but, the 365 auth web page says to click here to relaunch G.P. and GP never launches. PopOs (Ubuntu) 22.04 LTS

0 Likes Likes

Go to solution
cdoublejj
L0 Member

‎11-07-2024 07:59 AM

 

EDIT: well what ever happened, the continue button the cert warning windows is now permanently greyed out. it says the identity can't be verified, continue anyway is greyed out.

0 Likes Likes
  • 1 accepted solution
  • 10313 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks