02-11-2026 02:02 PM
Hi All,
We are currently experiencing the following error when attempting to log into Global Protect ( screenshot attached ). Curiously this is happening after getting prompted via Duo . We are using SAML Identity provider for authentication via DUO . All was working fine until yesterday . The last relevant Global Protect logs make reference to an expired cookie error . Nothing has changed on the Duo side as well the GP config . I have tried to disable the encrypt / decrypt cookie certificate on both the Portal and Gateway , also adjusted some the lifetime settings with no success .
Has anyone experienced that before ?
Thank you in advance
02-13-2026 01:21 PM
Is the clock correct on your firewall? Any changes to the NTP server settings? Is the cookie certificate still valid?
Is there anything interesting in the gpsvc.log file in the cli when reproducing this issue?
`less mp-log gpsvc.log` to view this log file
02-16-2026 02:25 AM
unfortunately theres not a lot of information to work with here
did you verify the link with DUO is still 'valid': no expired certificates, no new security policy that blocks access to duo, different NAT, expired service account,...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
