After correctly configuring global protect VPN on the firewall, and installed the agent globalprotect on the remote machine, when I am in connected mode with the agent I can not connect to my internal network not even send a ping, I checked the security rules and the NAT between the two zones, the access route but the problem persists
Can you not send a ping at all? Or is it that you're not receiving a response to ping? It sounds like a slight symantic difference, but it is rather important. If you can't even send a ping because you get an error saying that the destination net is unreachable, it's different than if you're sending the ping but it times out.
Assuming it's a timeout, do you see the session on the firewall while you're running the ping test?
If your internal IP from the GlobalProtect pool is 192.0.2.1 and you're trying to reach 172.16.1.1, you can check the session with:
> show session all filter source 192.0.2.1 destination 172.16.1.1
In the results, find one session that matches and pull up its details with:
> show session id 123456
There you should see packets in the c2s (client to server) flow and ideally will see the responses in the s2c flow. If you're seeing the packets leave the firewall but not return, it's likely a routing problem with your destination not knowing how to route back to the IP Pool you gave to your GP clients, or the source NAT address.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!