05-22-2023 12:19 PM
The customer is using PAN-OS 10.2.4-h2, and configuring GlobalProtect agent setting "Use the Default System Browser for SAML Authentication" to "No" does not disable the default system browser for GlobalProtect SAML authentication.
The embedded browser in GlobalProtect does not work correctly and every time we try to logon though default system browser is set to NO. We see the default browser opens up.
This issue occurs on both Windows and macOS devices using GlobalProtect version 6.1.1. We are using Cloud Identity Engine as the SAML auth provider for GlobalProtect.
We also have another deployment using PAN-OS 10.1.6-h6 and GP Client - 6.0.1 on the gateway and we see embedded browser to work correctly.
We are testing using the same Windows/Mac Client with GP 6.1.1 and when connected to PAN-OS 10.2.4-h2 we see that embedded browser does not work correctly.
Has anyone faced the same issue before? I checked and cannot see anything documented in known limitations as well.
Thanks.
08-02-2024 12:27 PM
Make sure you have applied below in registry
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Palo Alto Networks\GlobalProtect\Settings
default-browser as yes
and in agent settings in portal mark default-browser as yes
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
