End-of-Life (EoL)

User Experience Enhancements for iOS

GlobalProtect app 5.0 for iOS introduces user experience enhancements.
GlobalProtect app 5.0 for iOS endpoints introduces the following user experience enhancements:

Seamless Login

GlobalProtect app 5.0 introduces a more streamlined and seamless connection experience. The following sections describe the connection experience for first-time users, users with On-Demand mode, and users with Always On mode:
First-Time Connection Experience
End users must perform the following steps to establish a GlobalProtect connection on iOS endpoints for the first time:
  1. Launch the GlobalProtect app.
  2. (
    Optional
    ) If you have not enabled GlobalProtect notifications on your endpoint, a notification permission dialog appears.
    Allow
    GlobalProtect to send you notifications.
    If you
    Don’t Allow
    GlobalProtect to send you notifications, a reminder appears the next time you launch the app. Tap the
    Settings -> GlobalProtect
    link to go to the notification permission screen, where you can enable notifications. If you still do not want to enable notifications,
    Skip
    this screen.
  3. Enter the GlobalProtect portal address.
  4. (
    Optional
    ) Depending on the connection mode, tap
    Connect
    to initiate the connection.
  5. When the
    “GlobalProtect” Would Like to AddVPN Configurations
    message appears, use the following steps to add VPN configurations to your endpoint:
    1. Allow
      GlobalProtect to add VPN configurations to your endpoint. This setting enables GlobalProtect to filter and monitor network activity on the endpoint when you are using the VPN.
    2. Enter your iPhone or iPad passcode to confirm that you want to add VPN configurations to your endpoint.
  6. (
    Optional
    ) If your endpoint is unable to verify the identity of the GlobalProtect portal using the portal server certificate, the
    Cannot Verify Server Identity
    message appears. If you trust the certificate, tap
    Continue
    to proceed with the connection.
  7. (
    Optional
    ) If prompted, enter your
    Username
    and
    Password
    , and then
    SIGN IN
    .
  8. (
    Optional
    ) If you are using multi-factor authentication, enter the GlobalProtect verification
    Code
    that is sent to your endpoint after you sign in, and then tap
    Continue
    .
  9. (
    Optional
    ) If your administrator configures the GlobalProtect app to display a welcome message, the welcome message appears upon successful connection. Close the welcome message to proceed to the home screen.
  10. (
    Optional
    ) If there are notifications on your app, the Notifications dialog appears upon successful connection. Close the Notifications dialog to proceed to the home screen.
  11. When the home screen appears, verify that your connection has established successfully. If the connection is successful, the home screen displays the
    CONNECTED
    state.
  12. (
    Optional
    ) By default, the endpoint is automatically connected to the
    Best Available
    gateway based on the configuration that the administrator defines and the response times of the available gateways. To connect to a different gateway, tap the gateway drop-down at the bottom of the home screen, and then select a gateway from the list (external gateways only).
On-Demand (Remote Access VPN) Connection Experience
When you configure GlobalProtect with the
On-Demand
Connect Method
(
Network
GlobalProtect
Portals
<portal-config>
Agent
<agent-config>
App
), end users must launch the GlobalProtect app to initiate the connection manually. After the connection initiates, end users can
TAP TO CONNECT
to establish the GlobalProtect connection. If you enable GlobalProtect to
Save User Credentials
, the connection establishes without requiring further user interaction. If you do not enable GlobalProtect to
Save User Credentials
, end users must sign in to establish the connection. To disconnect GlobalProtect, end users can
TAP TO DISCONNECT
.
Always On Connection Experience
When you configure GlobalProtect with the
User-Logon (Always On)
or
Pre-Logon (Always On)
Connect Method
(
Network
GlobalProtect
Portals
<portal-config>
Agent
<agent-config>
App
), the connection initiates automatically. Depending on whether you configure the GlobalProtect app to
Save User Credentials
(
Network
GlobalProtect
Portals
<portal-config>
Agent
<agent-config>
Authentication
), users can establish the GlobalProtect connection without launching the app. If you enable GlobalProtect to
Save User Credentials
, the connection establishes automatically without requiring any user interaction. If you do not enable GlobalProtect to
Save User Credentials
, end users must sign in through the app to establish the connection.

Expired Password Change

Remote users can now change their RADIUS or Active Directory (AD) passwords through the GlobalProtect app for iOS endpoints when their password expires or a RADIUS or AD administrator requires a password change at the next login. This feature is enabled only when the user is authenticated with a RADIUS server using the Protected Extensible Authentication_Protocol Microsoft Challenge Handshake Authentication Protocol version_2 (PEAP-MSCHAPv2).
End users can use the following steps to change their expired passwords on the GlobalProtect app:
  1. Launch the GlobalProtect app.
  2. On the home screen,
    TAP TO CONNECT
    to establish the GlobalProtect connection.
  3. (
    Optional
    ) If prompted, enter your
    old
    Username
    and
    Password
    , and then
    SIGN IN
    .
  4. When the GlobalProtect app prompts you to
    Update Password
    , enter your
    Current Password
    followed by your
    New Password
    .
  5. Retype Password
    to confirm your new password.
  6. SIGN IN
    to reconnect to GlobalProtect with your new password.

Notification Handling

When the GlobalProtect app for iOS endpoints is running in the background, error messages and alerts from the GlobalProtect app display on the endpoint as system notifications. If a notification requires user interaction (for example, if a user must re-enter their credentials after authentication fails), users can tap the system notification to open the GlobalProtect app and complete the interaction. Users can no longer provide inputs for GlobalProtect outside the app. In addition, users can tap a system notification to open the GlobalProtect app and view more details about the notification.
When users launch the GlobalProtect app, the app immediately displays all current GlobalProtect notifications (if available) on the Notifications dialog. If a user closes the Notifications dialog, he or she can tap the notification ( ) icon on the home screen to re-open the dialog. If the app has multiple notifications, users can swipe left or right to view each notification.

Recommended For You