>
    Strata Copilot
    GlobalProtect 6.3.3-h2 (6.3.3-c42) Linux Addressed Issues
    Focus
    Download PDF
    Focus
    1. Home
    2. GlobalProtect
    4. GlobalProtect™ App Release Notes
    5. Addressed Issues
    6. GlobalProtect 6.3.3-h2 (6.3.3-c42) Linux Addressed Issues
    Download PDF
    GlobalProtect

    GlobalProtect 6.3.3-h2 (6.3.3-c42) Linux Addressed Issues

    Table of Contents

    GlobalProtect 6.3.3-h2 (6.3.3-c42) Linux Addressed Issues

    The following table lists the issues addressed in GlobalProtect app 6.3.3-h2 (6.3.3-c42) Linux.
    Issue ID
    Description
    GPC-25609
    Fixed an issue where the GlobalProtect Client on Linux platforms, including version 6.2.8-243, failed to receive the RADIUS authentication challenge response from the firewall, resulting in authentication failures. This was due to a stale state issue where the `m_bGatewayChallenge` flag was not reset before `GetConfigFromPortal()` when users reconnected after machine logout or login cycles.
    GPC-25315
    Fixed an issue where GlobalProtect Linux clients on Ubuntu 22.04 experienced overnight tunnel disconnects, indicated by the PanGPS process receiving a SIGTERM, and were subsequently unable to auto-reconnect due to gateway configuration.
    GPC-25091
    Fixed an issue where GlobalProtect client version 6.2.9 on Fedora 42 displayed an incorrect login time and an extremely large, meaningless login lifetime in the user interface.
    GPC-24832
    Fixed an issue where GlobalProtect Linux clients running version 6.2.8 on Ubuntu 24.04 displayed an "unknown" user IP mapping in the gateway, which caused traffic to be routed to incorrect security policies. This occurred due to SSL certificate validation failures when the GlobalProtect client attempted to send Host Information Profile (HIP) reports to the gateway, and the client did not properly clear the invalid certificates and retry sending the HIP report.
    GPC-24664
    Fixed an issue where the GlobalProtect client (version 6.2.9) on Linux (Ubuntu) devices would crash unexpectedly, displaying a 'PanGPUI crashed with SIGSEGV' error. This occurred during the authentication process, specifically after the user was prompted for Duo multi-factor authentication twice, and prevented the client from connecting to the gateway due to a stalled authentication process where the agent did not receive the SAML response.
    GPC-24088
    Fixed an issue where GlobalProtect App versions 6.2.7-1050 and 6.2.9-407 running on Rocky Linux 9.4, 9.5, and 9.6 did not add gateway-pushed DNS servers when connected to the GlobalProtect gateway.
    GPC-24083
    Fixed an issue where GlobalProtect clients intermittently failed RADIUS authentication due to treating the portal challenge response as a gateway challenge response. This resulted in incorrect handling of the OTP response back to the server.
    GPC-23903
    Fixed an issue where the GlobalProtect client on Linux devices failed to correctly route traffic for configured 'include domains' through the VPN tunnel. Although the client attempted to mark this traffic for inclusion using `iptables` rules, underlying issues with `iptables` rule management, specifically related to the `PANGPSTCHAIN` and the removal of exclude markings, prevented the traffic from being properly redirected, causing it to bypass the tunnel and use the physical interface instead.

    © 2026 Palo Alto Networks, Inc. All rights reserved.