Known Issues
Focus
Focus
GlobalProtect

Known Issues

Table of Contents

Known Issues

See the list of the known issues in GlobalProtect app 6.0.
The following table lists the known issues in GlobalProtect app 6.0 versions for Android, iOS, Chrome, Windows, Windows 10 UWP, macOS, and Linux.
Issue
Description
GPC-21829
After upgrading or downgrading the GlobalProtect client to version 6.0.10, SAML authentication fails when using the embedded browser along with enforcer without any exceptions.
Workaround: Configure an enforcer exception for the SAML authentication service.
GPC-21558
After disabling and re-enabling extensions on macOS Sequoia, the Enforcer fails to block traffic as expected when the GlobalProtect client is disconnected, allowing traffic to flow improperly.
GPC-21554
If enforcer is configured, the Connect Before Logon connection fails with a portal unreachable error.
GPC-20108
The GlobalProtect app upgrade from version 6.0.9 and earlier to version 6.0.10 and later may fail for some users when the agent app configuration parameter on the portal is set to Allow with prompt.
Workaround: Use the transparent upgrade method.
GPC-18964
The GlobalProtect tunnel disconnects after 10 minutes on app versions 6.0.8 and 6.2.1, when SAML authentication is used and the GlobalProtect app is running on macOS devices.
GPC-18467
In 6.0.8, when SAML authenticates a user that is not in the allow list, authentication fails. However, the SAML assertion is still used for subsequent authentication.
GPC-17226
After upgrade to GlobalProtect app version 6.0.5, macOS Ventura users are unable to refresh the connection when connected to an external gateway because the refresh menu disappears when the user hovers over it.
GPC-17099
Fixed in GlobalProtect app 6.0.5-c35 and GlobalProtect app 6.0.7
When the GlobalProtect app for Windows is upgraded to GlobalProtect app version 6.0.5, devices with Driver Verifier enabled and configured to monitor the PAN virtual adapter driver (pangpd.sys) display the DRIVER_VERIFIER_DETECTED_VIOLATION Blue Screen error.
GPC-15088
When the GlobalProtect app is installed on Android devices, the GlobalProtect notification is persistent and continues to stay on the screen even when the app is closed. This issue is not applicable for Android devices with Android 13 and later version.
Fixed the issue where the GlobalProtect notification displayed on the screen was unresponsive and this is listed under the Addressed Issues section.
GPC-14820
If you change the setting for Connect with SSL Only in the portal configuration, when the user views the Preferences in the GlobalProtect app, the Connect with SSL setting retains the previous setting.
GPC-14819
The first time end users connect using the GlobalProtect 6.0 app they may see an authentication failed message if their SSO credentials are different from the credentials they used to log in to their computer.
GPC-14705
On macOS endpoints, when connected to an internal gateway the endpoint may not send a HIP report or receive HIP notifications, and the HIP reports are not available on the Host Information Profile tab in the app.
GPC-14640
In pre-logon deployments, the GlobalProtect enforcer remains enabled even after disabling GlobalProtect.
GPC-14578
After connecting to GlobalProtect using Connect Before Logon (CBL) with SAML authentication, the GlobalProtect app keeps opening and closing after the user logs in.
GPC-14453
In some cases, TCP Option lookup for IP fragmented TCP packets can cause the endpoint to lose access to internal resources.
GPC-14329
macOS devices are able to bypass the GlobalProtect tunnel using the physical adapter even when No direct access to local network is enabled.
GPC-14063
In cases where the GlobalProtect gateway does not push a DNS suffix to the endpoint, the endpoint incorrectly pushes the DNS suffix from the physical adapter to the virtual adapter.
GPC-13998
When connected to GlobalProtect with Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only) set to Yes in the App Configurations area of the GlobalProtect portal configuration, performance is slow in the Windows Active Directory Users and Computers console.
Workaround: Set Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only) to No.
GPC-13970
DNS queries for excluded domains are sent out on both the GlobalProtect app virtual adapter and the device's physical adapter when the Split-Tunnel Option is set to Both Network Traffic and DNS in the App Configurations area of the GlobalProtect portal configuration.
GPC-13774
In some cases the GlobalProtect tunnel cannot send traffic after the system wakes up from sleep mode.
GPC-13757
In a configuration where the Welcome Page is set to None and Have User Accept Terms Of Use before Creating Tunnel is set to Yes, the endpoint gets stuck in the connecting state.
Workaround: Enable the Welcome Page or set Have User Accept Terms Of Use before Creating Tunnel to No.
GPC-13575
When the user is prompted to select a certificate to use to connect to GlobalProtect, if the user instead clicks Cancel without selecting a client certificate the app shows the no network connectivity error message.
GPC-13106
If the end user sets a preferred gateway in the GlobalProtect app and the administrator later disables the manual gateway option in the portal configuration, the app will still display the option to set a gateway as preferred after the end user refreshes the connection even though manual gateway selection is no longer an available option.
GPC-16597
The GlobalProtect app stops working when the app is upgraded from version 5.2.8 to 6.0.3.
GPC-10557
Users cannot install the GlobalProtect app on Linux devices with Ubuntu 20.04 LTS.
Workaround: Install the GlobalProtect app on Linux devices using the dpkg utility of the Debian package along with the apt-get utility.
To install the GlobalPtotect app CLI, use $ sudo dpkg -i <gp-app-pkg>. For example: $ sudo dpkg -i GlobalProtect_deb-5.3.3.0-3.deb.