06-18-2022 04:13 AM - edited 06-18-2022 04:19 AM
As your question is more than a issue than a general tech question I will provide some feedback even before the session, just for example.
It could be what you said as you did a deep investigation and if this is the issue then better raise a feature request to palo alto to add this as an option in the Globalprotect portal app settings.Also most of the Cyber Elites don't work directly for Palo Alto as we are community members just like you and we love playing with Palo Alto 🙂
Still as I have not used globalprotect on Linux I can't say if you have to also check the Globalprotect SSL gateway certificate if it is valid and the CA certificate that signed it is imported as a trusted cert on your linux system as newer version of the globalprotect agent want this. Also you can check your globalprotect's version and firewall version for "Known Issues" or "Addressed Issues" with the Linux globalprotect agent as Palo Alto has public articles for this.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClixCAC
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HCF4CAO&lang=en_US
