Switch From Self-Signed Certificate to CA Signed on Globaprotect Fails

Hi,

Our users were running for some time using a self-sgined certificate with few errors and issues.

I was trying to install a wildcard certificate to replace the one in use, but no matter what I do, I ended up with the error message "The network conne

Certificate issue

When try to VPN we get a can't verify server Identity. The CA Cert Expired, I try to renew it and still didn't work. Then I generated a new one Try use Global Protect as the issue like the old one. But wouldn't let me after installing the GW cert. Ne

host reachability require in internal host detection

We have enabled internal host detection in GP portal with "enforce users to connect GP" option to yes. There is no internal portal and internal gateway configured.

When user walk into office GP connecting as a internal.

We have set our DNS server ip in

Global Protect Windows pre logon connection issue

While on log on page in Windows 10 machine when click on network icon at the bottom to connect with Global Protect it get stuck with checking status icon and don't proceed further.

GlobalProtect 

GlobalProtect: Pre-logon Authentication 

user is getting an incorrect certificate when trying to login to GlobalProtect

I have a user with a Windows 10 laptop who is getting a certificate error when trying to login to globalprotect. No one else is having this problem. The message is "The certificate CN name mismatch. The certificate is not issued to <our FQDN for the

Unable to Establish Global Protect VPN "this certificate has expired or is not yet valid"

Hi Team,

I am trying to configure Global Protect VPN but its not able to successfully established.

when I tried to connect, the error showing "Connection failed - network connection is unreachable or the gateway is unresponsive"

I checked troubleshooti

Globalprotect SAML User Group Mapping

Hi !

I am trying to get the User/Group mappings which are defined in Azure (Enterprise App - App Globalprotect)  transfered via SAML to our Portal/Gateway.
User-IP Binding works fine but I am missing the group associations.

I'd appreciate any kind of he

GlobalProtect keeps re-authenticating automatically

We need GlobalProtect setup with DUO via RADIUS and we need the user to have to manually re-auth after 11 hours. We have struggling to get this to work. Login Lifetime or Cookie Auth Expiration both automatically re-auth the user even when GlobalProt

Renew Global Protect Gateway & Portal Certificates

Hi All,

Greetings,

We are using certificate from external CA for Global Protect Portal and Gateway which is currently in production. 

It is expiring next week. What will be the best way to renew the certificate.

Thank & Regards

S Prasad

See the users version of Global Protect in Panorama

I am getting ready to test upgrading GlobalProtect using the "Allow Transparently" option of the upgrade for a small subset of users. I want to verify the upgrade worked from Panorama without reaching out to the user for verification that it worked.

Creating self signed Certificate for IOS device 14 and 15 on Palo Alto firewall

Hi Folks,

Our GP VPN Portal and Gateway Certificate had expired recently. When we created an new self signed certificate on Palo Alto firewall and mapped it to GP VPN Portal and Gateway.

We are able to connect to portal and Gateway and it is working

GlobalProtect iOS Certificate issue

Hello,

  I’m in the middle of trying to make a gateway for iOS devices and I’m having an issue. I use MobileIron to push out the config and it uses an MI SCEP cert; I’ve added the MI SCEP CA to the PAN device and set it up as the auth profile. If I o