GlobalProtect Connection Failed for Some Client Certificate Users

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

GlobalProtect Connection Failed for Some Client Certificate Users

L1 Bithead

We have several GlobalProtect gateways using LDAP and client certificate for authentication. A few users have reported receiving the "Connection Failed. Gateway x: The network connection is unreachable or the gateway is unresponsive. Check the network connection and reconnect". This is received for all gateways. The users are Windows 10 users who have valid client certificates and the gateway Globalprotect log shows no attempted connections to the gateway by the affected users.

After checking the GP client PanGPA.log, the following was found: ERROR_WINHTTP_CLIENT_CERT_NO_ACCESS_PRIVATE_KEY. In checking certmgr.msc, the client certificate reports that the private key exists. I found references to this error after Windows 11 upgrades, but these users did not upgrade. The recommended fix was to remove the client cert and reissue it. We found that this does resolve the problem. After deleting the client cert and reissuing it, the user can successfully connect to GlobalProtect.

0 REPLIES 0
  • 3565 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!