Forum Discussion
Unable to setup Microsoft Global Secure Access
Firstly I am not getting any login prompt to login to the GSA client on any of my devices and when I navigate thru to the advanced diagnostics area and the health check area I get : ( I dont belive i am logged in )
Im not very sure if I've set it up correctly so an input on this would be much appreciated
Thanks, Rhythm
Hi here's a update, make sure to assign users to the traffic forwarding profiles or nothing will work, once you have assigned it give it a bit of time ( 1 ish hour ) and then restart your endpoints, it should work instantly.
11 Replies
Mine is setup and working, but after a reboot I'll get the 'Global Secure Access has been disabled by your organization' ... then in the advanced diagnostics I see the 'break glass mode is enabled' message...
If I wait about 5 minutes, it goes away and everything works fine again.
Not really sure what's up with it...- Jeff_Bley
Microsoft
This was a bug in the previous client version. Update the GSA client to 2.8.45+ and the 5 min delay should go away.
lowlevel I'm seeing the same currently. I did test GSA in another M365 tenant before deploying for real and I don't see this issue. It's enabled straight away after I logon.
Are you still seeing the same thing or did you find a way to fix it?
This issue seemed to go away... I'm not entirely sure what fixed it, but perhaps paid license instead of trial, or applying forwarding policies to all users instead of groups.
- Anyone know how to actually troubleshoot this? Is there somewhere with good logs I can check? I see the advanced logging with dozens of text files but not sure where to start, and the "breakglass mode is enabled" doesn't tell me anything really.
Hi here's a update, make sure to assign users to the traffic forwarding profiles or nothing will work, once you have assigned it give it a bit of time ( 1 ish hour ) and then restart your endpoints, it should work instantly.
rhythm2240 sporadically reverts to "breakglass" - everything seems set up correctly. Seems buggy.
- I've got traffic forwarding profiles assigned and no dice - GSA client on endpoint says something like org has disabled this, and I see the same breakglass error as the OP.
rhythm2240 I'm seeing the "breakglass mode" error as well, with a client that DID previously work. Hoping someone chimes in here with some insight because that does not exist on the internet as a thing.
Hi Rhythm,
We have configured Private Access. The GSA client has been deployed via Intune and authentication is done through SSO. Could you please navigate to GSA > Dashboard > Device Status and check if your client is active there?
Best regards,
Jos
Hi,
I have the same issue. Though profiles are enabled with assigned licensed user. Device is entra joined with the licensed user creds. Client is installed but no prompt for sign in. No SSO enabled as to perform auto signin, since device login happens with local admin account. Any way to prompt for authentication from the client manually?
