GlobalProtect
Known Issues
Table of Contents
Expand All
|
Collapse All
GlobalProtect Docs
-
- 10.1 & Later
- 9.1 (EoL)
-
- 6.3
- 6.2
- 6.1
- 6.0
- 5.1
-
- 6.1
- 6.0
- 5.1
-
- 6.3
- 6.2
- 6.1
- 6.0
- 5.1
Known Issues
See the list of the known issues in GlobalProtect app
6.0.
The following table lists the known issues in GlobalProtect app 6.0 versions for Android, iOS,
Chrome, Windows, Windows 10 UWP, macOS, and Linux.
Issue | Description |
---|---|
GPC-21829
|
After upgrading or downgrading the GlobalProtect client to version
6.0.10, SAML authentication fails when using the embedded browser
along with enforcer without any exceptions.
Workaround: Configure an enforcer exception for the SAML
authentication service.
|
GPC-21558
|
After disabling and re-enabling extensions on macOS Sequoia, the
Enforcer fails to block traffic as expected when the GlobalProtect
client is disconnected, allowing traffic to flow improperly.
|
GPC-21554
|
If enforcer is configured, the Connect Before Logon connection fails
with a portal unreachable error.
|
GPC-20108
|
The GlobalProtect app upgrade from version 6.0.9 and earlier to
version 6.0.10 and later may fail for some users when the agent app
configuration parameter on the portal is set to Allow
with prompt.
Workaround: Use the transparent upgrade method.
|
GPC-18964
|
The GlobalProtect tunnel disconnects after 10 minutes on app versions
6.0.8 and 6.2.1, when SAML authentication is used and the
GlobalProtect app is running on macOS devices.
|
GPC-18467
|
In 6.0.8, when SAML authenticates a user that is not in the allow
list, authentication fails. However, the SAML assertion is still
used for subsequent authentication.
|
GPC-17226
|
After upgrade to GlobalProtect app version 6.0.5, macOS Ventura users
are unable to refresh the connection when connected to an external
gateway because the refresh menu disappears when the user hovers
over it.
|
GPC-17099
Fixed in GlobalProtect app 6.0.5-c35 and GlobalProtect app
6.0.7
|
When the GlobalProtect app for Windows is upgraded to GlobalProtect
app version 6.0.5, devices with Driver Verifier enabled and
configured to monitor the PAN virtual adapter driver (pangpd.sys)
display the
DRIVER_VERIFIER_DETECTED_VIOLATION
Blue Screen error.
|
GPC-15088 | When the GlobalProtect app is installed on
Android devices, the GlobalProtect notification is persistent and
continues to stay on the screen even when the app is closed. This issue
is not applicable for Android devices with Android 13 and later
version. Fixed the issue where the GlobalProtect notification
displayed on the screen was unresponsive and this is listed under
the Addressed Issues section. |
GPC-14820 | If you change the setting for Connect
with SSL Only in the portal configuration, when the
user views the Preferences in the GlobalProtect app, the Connect
with SSL setting retains the previous setting. |
GPC-14819 | The first time end users connect using the
GlobalProtect 6.0 app they may see an authentication failed message
if their SSO credentials are different from
the credentials they used to log in to their computer. |
GPC-14705
Fixed in GlobalProtect app
6.0.5 | On macOS endpoints, when connected to an
internal gateway the endpoint may not send a HIP report or receive
HIP notifications, and the HIP reports are not available on the Host Information Profile tab
in the app. |
GPC-14640 Fixed in GlobalProtect app
6.0.1 | In pre-logon deployments,
the GlobalProtect enforcer remains enabled even after disabling GlobalProtect. |
GPC-14578 Fixed in GlobalProtect app
6.0.3 | After connecting to GlobalProtect using Connect Before Logon (CBL) with
SAML authentication, the GlobalProtect app keeps opening and closing
after the user logs in. |
GPC-14453 Fixed in GlobalProtect app
6.0.1 | In some cases, TCP Option lookup for IP fragmented
TCP packets can cause the endpoint to lose access to internal resources. |
GPC-14329 Fixed in GlobalProtect app
6.0.1 | macOS devices are able to bypass the GlobalProtect
tunnel using the physical adapter even when No direct
access to local network is enabled. |
GPC-14063 | In cases where the GlobalProtect gateway
does not push a DNS suffix to the endpoint,
the endpoint incorrectly pushes the DNS suffix from the physical
adapter to the virtual adapter. |
GPC-13998 | When connected to GlobalProtect with Resolve
All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only) set
to Yes in the App Configurations area of
the GlobalProtect portal configuration, performance is slow in the Windows
Active Directory Users and Computers console. Workaround: Set Resolve
All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only) to No. |
GPC-13970 Fixed in GlobalProtect app
6.0.1 | DNS queries for excluded domains are sent out on both the GlobalProtect app virtual adapter and
the device's physical adapter when the Split-Tunnel
Option is set to Both Network Traffic and
DNS in the App Configurations area of
the GlobalProtect portal configuration. |
GPC-13774 Fixed in GlobalProtect app
6.0.1 | In some cases the GlobalProtect tunnel cannot send traffic after the system wakes up from sleep
mode. |
GPC-13757 | In a configuration where the Welcome
Page is set to None and Have
User Accept Terms Of Use before Creating Tunnel is set
to Yes, the endpoint gets stuck in the connecting
state. Workaround: Enable the Welcome Page or set Have
User Accept Terms Of Use before Creating Tunnel to No. |
GPC-13575 | When the user is prompted to select a certificate to
use to connect to GlobalProtect, if the user instead clicks Cancel
without selecting a client certificate the app shows the no network connectivity error
message. |
GPC-13106 | If the end user sets a preferred gateway in the GlobalProtect app and the administrator later
disables the manual gateway option in
the portal configuration, the app will still display the option to
set a gateway as preferred after the end user refreshes the
connection even though manual gateway selection is no longer an
available option. |
GPC-16597 |
The GlobalProtect app stops working when the app is upgraded from
version 5.2.8 to 6.0.3.
|
GPC-10557 | Users cannot install the GlobalProtect app
on Linux devices with Ubuntu 20.04 LTS. Workaround:
Install the GlobalProtect app on Linux devices using the dpkg utility
of the Debian package along with the apt-get utility. To
install the GlobalPtotect app CLI, use $ sudo dpkg -i <gp-app-pkg>.
For example: $ sudo dpkg -i GlobalProtect_deb-5.3.3.0-3.deb. |