BugZero | Palo Alto Networks BugID PAN-232214 - Fixed an issue where GlobalProtect clients remaine...

Palo Alto Networks - Defect ID: PAN-232214

Fixed an issue where GlobalProtect clients remained in the connecting state during portal pre-login when Kerberos single sign-on (SSO) was enabled.

Palo Alto Networks - Defect ID: PAN-232214

Fixed an issue where GlobalProtect clients remained in the connecting state during portal pre-login when Kerberos single sign-on (SSO) was enabled.

Last updated on May 27th, 2026

BugZero Risk Score
6.3 Medium

Overall: 6.3

Severity: 6.4

Community: 3.7

Lifecycle: 10.0

What is the BugZero Risk Score?

Palo Alto Networks Integration

Learn more about where this data comes from

Palo Alto Networks Integration

Learn more

BugZero Plan

Streamline upgrades with automated vendor bug scrubs

BugZero Plan

Learn more

BugZero Prevent

Wish you caught this bug sooner? Get proactive today.

BugZero Prevent

Learn more

Bug Details

Description

Disclaimer

Hotfix versions were inferred because the vendor did not list them explicitly: 11.1.4-h1, 11.1.4-h2, 11.1.4-h3

The earliest recollection of this bug is traced back to PAN-OS 11.1.3-h6. - May 27, 2026. This bug is fixed in PAN-OS versions 11.1.4-h4, 11.1.3-h6.. Fixed an issue where GlobalProtect clients remained in the connecting state during portal pre-login when Kerberos single sign-on (SSO) was enabled. For more information: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-3-known-and-addressed-issues/pan-os-11-1-3-h6-addressed-issues https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-h4-addressed-issues

Change history

2026-05-27 Added: 11.1.4-h1, 11.1.4-h2, 11.1.4-h3

No changes to display

Relevant Products

Click on a version to see all relevant bugs

Affected versions:11.1.4-h1, 11.1.4-h2, 11.1.4-h3

Fixed versions: 11.1.4-h4, 11.1.3-h6.

Relevant Products

Click on a version to see all relevant bugs

Affected versions:11.1.4-h1, 11.1.4-h2, 11.1.4-h3

Fixed versions: 11.1.4-h4, 11.1.3-h6.

Top Palo Alto Networks Defects

6.3Defect ID: PAN-242147
( PA-1410 firewalls only ) Fixed an issue where the firewall did not block STP packets when the ports on the connected routers were in access mode.
6.3Defect ID: PAN-246059
Fixed an issue where forwarded logs were not visible on Panorama due to the Elasticsearch service not starting when it encountered old and unsupported indices.
6.3Defect ID: PAN-231194
Fixed an issue where the firewall was unable to clear hints from the disk.
6.3Defect ID: PAN-232214
Fixed an issue where GlobalProtect clients remained in the connecting state during portal pre-login when Kerberos single sign-on (SSO) was enabled.
6.3Defect ID: PAN-246056
Fixed an issue where single TLS session packets were sent to multiple firewalls when off-loading was enabled and ECMP was disabled.

Ready to prevent the next vendor outage?

Get a demo

Palo Alto Networks - Defect ID: PAN-232214

Fixed an issue where GlobalProtect clients remained in the connecting state during portal pre-login when Kerberos single sign-on (SSO) was enabled.

Palo Alto Networks - Defect ID: PAN-232214

Fixed an issue where GlobalProtect clients remained in the connecting state during portal pre-login when Kerberos single sign-on (SSO) was enabled.

Last updated on May 27th, 2026

BugZero Risk Score6.3 Medium

Bug Details

Disclaimer

Top Palo Alto Networks Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
6.3 Medium