GlobalProtect does not need HTTPS from the interface management for the portal to function. It is recommended to review the Interface Management Profiles to ensure that loopback, physical interface or tunnel are NOT selected with HTTPS, and NOT applied to the GlobalProtect.
By default, when GlobalProtect portal is enabled it’s running on port 443.