GlobalProtect App 5.1 Known Issues
See the list of the known issues in GlobalProtect app 5.1.
The following table describes known issues in the GlobalProtect app 5.1 releases.
When users run the GlobalProtect app for Android, the app reports a
Required Client Certificate not founderror for the first time and failed when users switched between portals configured with different client certificate profiles. The client certificate authentication is successful when users attempt to connect to the app again.
Safari cannot be added to the application-based split tunnel rule on macOS endpoints.
When the split tunnel settings based on the destination domains are configured on the GlobalProtect gateway and either Chrome or the Edge browser is used to navigate to these domains on macOS endpoints running macOS Catalina 10.15.4 or later, the
connection reseterrors appear for a few seconds before the website launches.
When the split tunnel settings are configured to exclude application traffic such as Microsoft Teams and Skype, some excluded traffic are still forwarded through the tunnel.
For the GUI version of the GlobalProtect app for Linux, SAML authentication with Microsoft Azure does not work on Ubuntu 1804 or greater versions.
When you upgrade Red Hat® Enterprise Linux 7 to Red Hat® Enterprise Linux 8, the operating system displays errors for missing GlobalProtect packages (qt5-qtwebkit) during the upgrade.
On Chromebooks with the GlobalProtect app for Android, after refreshing the configuration or disabling and re-enabling the app, GlobalProtect reports a
portal not founderror.
Workaround: Refresh the configuration again to trigger the connection.
On iOS devices where you enable the user to save user credentials after supplying a trusted fingerprint, when you refresh the connection, the GlobalProtect app displays an
When users run the GlobalProtect app for Android on their Chromebooks, the app cannot connect to GlobalProtect gateways based on the source IP address of the user because it runs within the Android container on Chrome OS. The Android container uses a network bridge to connect the app to the network, so it is assigned a different IP address from the source IP address of the Chromebook user.
Workaround: Ensure that gateway selection for the Android operating system is not based on the source IP address of the user by leaving both the
IP Addressfields empty in the config selection criteria for your client settings configuration (
Config Selection Criteria
When users run the GlobalProtect app for Android on their Chromebooks, the app cannot connect to GlobalProtect portals using IPv6 because it runs within the Android container in Chrome OS, which does not currently support IPv6.
Workaround: Set the
IP Address Typefor your GlobalProtect portal to
The GlobalProtect app does not support portal hostnames with non-English characters.
When users establish a GlobalProtect connection for the first time on iPads running iOS 11.1, and they
Don’t AllowGlobalProtect to send them notifications, the
Settings -> GlobalProtectlink on subsequent notification permission reminders does not open.
Workaround: Upgrade your iPad to iOS 11.3 or a later version.
If you remain on iOS 11.1, you can enable GlobalProtect to send you notifications by going to the GlobalProtect notification settings on your iPad (
) and then selecting
On macOS endpoints, the GlobalProtect app can’t detect the following
Anti-Malwareinformation for the HIP Match log details of the Gatekeeper security feature (
The firewall does not generate a notification for the GlobalProtect app when the firewall denies an unencrypted TLS session due to an authentication policy match.
Recommended For You
Recommended videos not found.