End-of-Life (EoL)

GlobalProtect App 4.0.6 Addressed Issues

The following table lists the issues that are addressed in the GlobalProtect™ app 4.0.6 release.
Issue ID
Fixed an issue where a GlobalProtect app (versions 4.0.3 to 4.0.5) could not connect to the GlobalProtect gateway because of a name lookup failure in networks where the connection involved a proxy server.
Fixed an issue where GlobalProtect on mobile endpoints running an iOS or Android operating system could not switch or connect to multiple GlobalProtect gateways that had the same IP address but different ports in the GlobalProtect portal configuration.
Fixed an issue on Android endpoints where you could not run the Google Play Store application properly when the endpoints connected to GlobalProtect over a VPN with split tunneling.
Fixed an issue where, after end users entered the wrong password at any User Access Control (UAC) prompt on Windows, GlobalProtect credential provider displayed in subsequent login attempts.
As an enhancement, GlobalProtect now logs the latest, current error on endpoints to the LastErrorString registry value under
HKEY_LOCAL_MACHINE\SOFTWARE\Palo Alto Networks\GlobalProtect\PanGPS
. The LastErrorString displays the same error message that the GlobalProtect app user interface displays. After the error is resolved, GlobalProtect clears the LastErrorString value.
Fixed an issue where GlobalProtect apps (versions 4.0.3 to 4.0.5) discarded fragmented UDP packets.
Fixed an issue where the GlobalProtect app on Chromebook endpoints failed to authenticate to the GlobalProtect portal through SAML because the GlobalProtect app sent the portal IP address instead of the portal FQDN in the Assertion Consumer Service (ACS) URL of the SAML authentication request.
Fixed an issue where endpoints failed pre-login authentication to the GlobalProtect portal and displayed a 12007 error when an unreachable WinHTTP proxy server was set on the endpoints.
Fixed an issue where endpoints intermittently failed to detect Captive Portal and could not access it in deployments where you enabled
Enforce GlobalProtect Connection for Network Access
Fixed an issue where the PanGPS service restarted during Captive Portal detection when the firewall processed a Captive Portal response page that exceeded 8,192 bytes.

Recommended For You