This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About mgabriel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About mgabriel
04-01-2022
3Posts
0Likes
0Solutions
Apr 01, 2022Last Visited
User
Activity
User
Profile
Latest posts by mgabriel
| Subject | Views | Posted |
|---|---|---|
| 2399 | 04-08-2022 05:51 AM | |
| 2447 | 04-05-2022 05:00 AM | |
| 2554 | 04-01-2022 08:36 AM |
User Badges
Community Statistics
| Member Since | 04-01-2022 08:30 AM |
| Date Last Visited | 04-01-2022 12:27 PM |
| Posts | 3 |
04-08-2022
05:51 AM
Hi @kiwi, Thanks for your help! Yes, the certificate was created by the CA. What folder do you mean? I see only a folder "~/.GlobalProtect" with only the logs and three dat files. One of them is called "PanPortalCfg_*.dat" so it might seems that it has something to do with the portals configuration, but it's binary so I have not found a way to read it. I've tried to copy the p12 certificate in this folder and import it from here, but the result is still the same: Retrieving configuration... Retrieving configuration... Failed to connect to gp-dica.vpn.polimi.it. Error: A valid client certificate is required for authentication. If the issue persists, contact your administrator. Looking at the PanGPi.log file I read this message, where VPN1 is the vpn service which requires the 2FA and is working, while VPN2 is the one which requires the certificate and is not working: P11533-T150869760 04/07/2022 08:29:19:541 Debug( 118): From GPA: statusDisconnectedA valid client certificate is required for authentication. If the issue persists, contact your administrator.ni-ext-gw.vpn.VPN1ni-ext-gw.vpn.VPN1yesnodc-ext-gw.vpn.VPN1dc-ext-gw.vpn.VPN1yesnoClient Cert Requiredgp-dica.vpn.VPN2noyes. By looking at them on the line it makes me think that there must be some sort of mixup with the portals. Could this be the case? Also I saw in the PanGPA.log the user for VPN2, which however I did not remember writing anywhere and, for this reason, I think it was read by the certificate...
... View more
04-05-2022
05:00 AM
Hi @kiwi, Yes, that is correct. I unistalled theUI version and I moved to the CLI one. This allowed me to use the `connect` command. However, now I'm stuck my another issue: while one of the VPN requires 2FA and works correctly using the CLI version, the other one requires a certificate. Even if I first import the certificate with (run in the location where the certificate is located): $ globalprotect import-certificate --location . Please input passcode: Import certificate is successful. I then get this message: $ globalprotect connect --portal YYYYYYYY Retrieving configuration... Retrieving configuration... Failed to connect to YYYYYYYY. Error: A valid client certificate is required for authentication. If the issue persists, contact your administrator. I've tried with multiple certificates (even newly generated), but the issue persists.
... View more
04-01-2022
08:36 AM
Hi, I'm trying to set up two different VPN relying on two different accounts on the same Linux (Linux Mint 20.2 Uma, base: Ubuntu 20.04 focal), but I'm having some issues. From what I understood (as the VPN rely on different emails) I need to create different portals. I have already one portal setup on my laptop using GlobalProtect, but when when I try to follow the commands indicated here https://docs.paloaltonetworks.com/globalprotect/5-3/globalprotect-app-user-guide/globalprotect-app-for-linux/use-the-globalprotect-app-for-linux.html) I get the following error: $ globalprotect connect --portal XXXXXX Cannot parse your input. The valid CLI commands that you can now use are: collect-log import-certificate launch-ui [--recover] show --version So it seems that the 'connect' command is not recognized. How so? I'm using GlobalProtect version 5.3.1-36 Thanks
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
04-01-2022
12:27 PM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks