09-06-2023 12:17 AM
We have global protect version 6.1.1-5
When we connect to the GP it's working fine. Once we connect to another firewall's GP and disconnected from it and try to connect again to same firewall then we get the error "certificate is not singed by CA"
For example :
Let's assume Site A is having a firewall cluster and Site B is having a firewall cluster. If we connect to Site A firewall GP connects successful and then if we disconnect from site A and connect to site B then also GP connects without any issues. If we try to disconnect from site B and connect to site A again then we are getting the above mentioned error.
Any solutions for this ?
10-24-2023 03:37 PM
The recommendation (based on my understanding) is to ensure that both siteA and siteB are using publicly signed certificates for the Global Protect. Because you do not mention it, I am not sure to presume they are publicly signed. I am not sure if you are using 2 different portals (siteA portal with 2 gateways.. siteA and siteB?). There are so many variables, that is makes sense to open a TAC web case to get this properly troubleshot.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
