This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Global connect client connected but no IP address assigned

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Global connect client connected but no IP address assigned

JulijanKlancnik
L0 Member

‎03-14-2017 01:06 PM

I have this odd situation, global connect client successfully establish the connection with portal but in network area there is no IP address on virtual PAN network card. This is only happening with new users. Old users seems to have no problems.

I Have GP version 3.0.0-74 and PA-500.

Is anyone else having same isue? Every suggestion would be appriciated, I have allready spend a lot of time troubleshooting.

0 Likes Likes
3 REPLIES 3

glastra1
L4 Transporter

‎03-15-2017 12:29 PM

Enable troubleshooting on the global protect client.

More information would be helpful.. Have you configured a global protect gateway? is it FQDN/IP? Has the global protect gateway an IP pool? Is the agent gateway configuration enabled for all the users or just for an specific group? Is the computer NIC in the same network as the IP pool?

 

regards,

Gerardo.

0 Likes Likes

BPry
Cyber Elite
Cyber Elite

‎03-15-2017 01:06 PM

Just a thought here but if new users are not experiencing any issues it sounds like the IPs being utilized are not set to expire the lease, since the old user has an existing lease they pickup the old IP that they have always had, new users are unable to grab an IP because the pool is exhausted. Not having any additional informaiton this is really the only thing I can think of. 

 

Since I don't know where you are getting your addresses (ip Pool or Auth Server) there isn't much that I can say for troubleshooting. Has the box been restarted, I'm not sure what actual process hands out the IPs for GP but maybe someone else has that info.  

0 Likes Likes

JulijanKlancnik
L0 Member
In response to BPry

‎03-16-2017 12:47 AM - edited ‎03-16-2017 02:40 AM

Hello, thank you for your replay. I'm getting IPs from GP portal dhcp pool. It's /24 subnet. And I really don't have much users (less than 10). How can I check for dhcp leases (I tried with: show dhcp server lease all - got no records).

Old clients can connect, problem is only on new clients (I have two remote users with same isue).

I've checked for user ip mapping on FW:

show user ip-user-mapping all | match "user"
x.x.x.41    vsys1  GP      domain\user                   2591894        2591894

 

So FW is serving the ip to the client, but on GP Client I have this:

GP-client.jpg

You can see, that there is no IPv4 assigned on the GP Client.

 

0 Likes Likes
  • 3469 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks