01-22-2024 11:58 AM
Hi, I want to use global protect in Arch linux. I looked for the setup file at link which only exist with .deb and .rpm
anyone Know how could I make this possible for arch Linux
01-23-2024 11:05 AM
You can install the official one, I've done it several times on Arch both in my lab and with my corporate issued machine.
Extract the tgz file from the support portal.
Locate the GlobalProtect_UI_tar-X.Y.Z.tgz within that directory and extract it.
Go to the extracted directory, execute sudo ./install.sh
It should install without issue
Also if using SAML auth you have to add the default browser config, or it will fail when passing the SAML prompts with the system rendering engine.
To fix this edit /opt/paloaltonetworks/globalprotect/pangps.xml with sudo or root permissions.
<?xml version="1.0" encoding="UTF-8"?>
<GlobalProtect>
<Settings>
<can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid>
<default-browser>yes</default-browser>
Note: can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid is required if you use *.gpcloudservice.com for your Prisma portal, otherwise you shouldn't set this option.
01-23-2024 07:57 AM
Hi, @lidewu Thanks!
As I want to use this in a organisation is it safe as per the organisation
01-23-2024 11:05 AM
You can install the official one, I've done it several times on Arch both in my lab and with my corporate issued machine.
Extract the tgz file from the support portal.
Locate the GlobalProtect_UI_tar-X.Y.Z.tgz within that directory and extract it.
Go to the extracted directory, execute sudo ./install.sh
It should install without issue
Also if using SAML auth you have to add the default browser config, or it will fail when passing the SAML prompts with the system rendering engine.
To fix this edit /opt/paloaltonetworks/globalprotect/pangps.xml with sudo or root permissions.
<?xml version="1.0" encoding="UTF-8"?>
<GlobalProtect>
<Settings>
<can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid>
<default-browser>yes</default-browser>
Note: can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid is required if you use *.gpcloudservice.com for your Prisma portal, otherwise you shouldn't set this option.
01-24-2024 07:52 AM
Hi @jfarm, Thanks!
I had already edited that but it working once after each reboot. As, I discconect and try to reconnect it won't and give Error: Default Browser not enabled
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
