Custom ssl vpn cert missing

Pablito93
New Contributor II

Hi all,

When attempting to create a custom SSL configuration for the GlobalProtect VPN, I am unable to assign a specific certificate that was previously uploaded. The "Identity Certificate" field does not appear at all, so I cannot select the specific certificate. Furthermore, when trying to deploy the configuration to an iPad without this setup, it unfortunately results in a failure.

The configuration was performed according to the PA article: Configure a User-Initiated Remote Access VPN Configuration for iOS Endpoints Using Jamf Pro.

https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/mobile-endpoint-management/...

8 REPLIES 8

agungsujiwo
Contributor

Hi @Pablito93 ,

I believe you have definitely done according to the steps from the Paloalto website,
you can search based on the log in each of your configurations and profiles,
are there any pending / Failed,
if in Device > Management > management Comment pending / failed, you cancel all,
then update inventory, this can ensure all your configurations and profiles can be entered properly.

Hi @agungsujiwo 

Thanks for reply. I believe the issue lies in the fact that I cannot assign an identity certificate to the created VPN profile as described in the Palo Alto instructions. My question is: why don’t I have this field available? I think the error when uploading the profile stems directly from this.

Pablito93_0-1733927020716.png

 

After I checked on VPN, it's true what you said, I also didn't find that setting " Identity Certificate ", have you tried asking Paloalto support .

jennaferharris
New Contributor II

Experiencing the same issue here. We've been deploying a configuration profile for quite some time to automatically fill in the portal address that recently has stopped working on newly provisioned iPads. I opened a ticket with Jamf and after some digging, found out that this is a product issue and will be resolved in the next Jamf Pro release.

@jennaferharris 

Thanks for the response. Do you mean deploying only the gateway address configuration, or does this also include the issue with certificate selection?

 

user-hANoLKNmDB
New Contributor

I am experiencing the same issue.   

@user-hANoLKNmDB 

I have currently opened a support ticket and am in the process of having the issue investigated by them. If I receive any solution from them, I will let you know.

 

Pablito93
New Contributor II

Hi guys, after submitting a ticket to support, the issue has been resolved. The field for selecting a certificate has appeared, and after testing, the policy is applied and the client successfully authenticates using the certificate