GlobalProtect SAML authentication login screen does not load and shows a blank page.
Created On 12/27/22 10:01 AM - Last Modified 12/22/24 15:05 PM
Symptom
The GlobalProtect SAML authentication login screen does not load and shows a blank page when the Enforce GlobalProtect Connection for Network Access feature is set to Yes.
Environment
- Strata or Prisma Access firewalls
- Supported PAN-OS
- GlobalProtect
Cause
- The Enforce GlobalProtect Connection for Network Access feature blocks internet access.
- SAML authentication needs internet access to present the Microsoft login pages.
Resolution
- Navigate to GUI: Network > GlobalProtect > Portals > <portal-config> > Agent > <agent-config> > App.
- Click Add to add the URLs listed under "Allow traffic to specified hosts/networks when Enforce GlobalProtect Connection for Network Access is enabled and GlobalProtect Connection is not established".
* login.live.com
* *.msftauthimages.net
* *.msftauth.net
* autologon.microsoftazuread-sso.com
- Ensure the latest URLs are aligned with Microsoft's best practice documentation, specifically those for "Azure portal authentication."
  https://learn.microsoft.com/en-us/azure/azure-portal/azure-portal-safelist-urls?tabs=public-cloud
* login.microsoftonline.com
* *.aadcdn.msftauth.net
* *.aadcdn.msftauthimages.net
* *.aadcdn.msauthimages.net
* *.logincdn.msftauth.net
* login.live.com
* *.msauth.net
* *.aadcdn.microsoftonline-p.com
* *.microsoftonline-p.com
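
An added example, not code from Palo Alto Networks or Microsoft: a Python check that compares the hosts entered in the portal's allow list with the Microsoft sign-in hosts listed above, reporting entries that are still missing and entries already implied by a broader wildcard. It assumes `*.` matches any subdomain depth but not the bare domain; confirm the matching behaviour for your GlobalProtect version.

```python
# Assumption: "*.example.com" matches any subdomain depth, not "example.com" itself.

CONFIGURED = [  # first list on this page (entered in the App tab)
    "login.live.com",
    "*.msftauthimages.net",
    "*.msftauth.net",
    "autologon.microsoftazuread-sso.com",
]

REQUIRED = [  # second list on this page (Azure portal authentication)
    "login.microsoftonline.com",
    "*.aadcdn.msftauth.net",
    "*.aadcdn.msftauthimages.net",
    "*.aadcdn.msauthimages.net",
    "*.logincdn.msftauth.net",
    "login.live.com",
    "*.msauth.net",
    "*.aadcdn.microsoftonline-p.com",
    "*.microsoftonline-p.com",
]

def _norm(entry):
    return entry.strip().lower().rstrip(".")

def covers(pattern, entry):
    """True if `pattern` permits everything that `entry` permits."""
    pattern, entry = _norm(pattern), _norm(entry)
    if pattern == entry:
        return True
    if not pattern.startswith("*."):
        return False                      # an exact host only covers itself
    suffix = pattern[1:]                  # "*.msftauth.net" -> ".msftauth.net"
    # `entry` may be a host or a narrower wildcard; compare on a label boundary
    target = entry[1:] if entry.startswith("*.") else entry
    return target.endswith(suffix)

def missing(configured, required):
    """Required entries that no configured entry covers."""
    return [r for r in required if not any(covers(c, r) for c in configured)]

def redundant(entries):
    """Entries already implied by a broader wildcard in the same list."""
    return [e for e in entries
            if any(_norm(o) != _norm(e) and covers(o, e) for o in entries)]

if __name__ == "__main__":
    print("Still to add:", missing(CONFIGURED, REQUIRED))
    print("Implied by a broader entry:", redundant(REQUIRED))
```

Keeping the list to the entries that are actually required limits how much traffic can bypass the enforcement while the tunnel is down.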