GlobalProtect connection fails with the error "Access to the network from this device has been restricted per your organizations security policy" for multiple users

• GlobalProtect users are getting the error "Access to the network from this device has been restricted per your organization's security policy. Please contact your IT Administrator". 
  
• This is due to the option "Block login for quarantine device" enabled on the gateway.
   GUI: Network < GlobalProtect < Gateway < [gateway-name]  < Authentication
  

• PAN-OS 10.0 and above
• GlobalProtect Gateway
• GlobalProtect App

The device is quarantined either manually or automatically.

Remove the device from the quarantine list using following methods:

1. From the CLI

admin@PA-VM-II(active)> request device-quarantine-list delete host <enter the host id>
Device is deleted from quarantine list

2. From the Web-GUI

GUI: Device > Device quarantine  => Remove the device from the GUI.

• The following log is generated when the device is added to the quarantine list.

• Quarantine list can be seen from the GUI under Device > Device Quarantine. It can also be seen under CLI command "request device-quarantine-list show all"

• If the device is in quarantine and the gateway connection gets disconnected, a similar log entry can be expected. 

• Similarly a log entry can be observed in the gateway firewall after removal.