PANOS-8.0 broke IPSec XAuth VPN?

Reply
L2 Linker

PANOS-8.0 broke IPSec XAuth VPN?

Hi,

 

After I upgraded to our PA-3050 to PANOS-8.0, ios and android native clients (using ipsec xauth) don't work anymore. These clients can  authenticate successfuly and get a valid IP from the gateway ip pool. But after this they can't access anything. There is no traffic logs shown with the vpn ip either.

 

Anybody using 8.0 can test if ipsec xauth is functional to see if its 8.0 upgrade or something else is wrong with my setup.

 

Thanks,

 

Rahman

L2 Linker

Re: PANOS-8.0 broke IPSec XAuth VPN?

Updating to 8.0 has a huge amount of risks for any production environment. The code is brand new and I would only recommend it in lab devices. It you updated and it broke things, you'll have to report it to support and let them know that is broke something. This kind of thing will most likely go on until 8.0.6.

 

 

- Peter

L6 Presenter

Re: PANOS-8.0 broke IPSec XAuth VPN?

Hi

 

we have the same issue

 

Regards

 

 

 

L2 Linker

Re: PANOS-8.0 broke IPSec XAuth VPN?

Can anybody test if 8.0.1 fixed the issue?

 

Thanks,

 

Rahman

L0 Member

Re: PANOS-8.0 broke IPSec XAuth VPN?

Has anyone managed to solve this problem?

L7 Applicator

Re: PANOS-8.0 broke IPSec XAuth VPN?

@JoaoCesar,

I would harbor a guess that you will need to update to 8.0.2 if this is fixed in the 8.0 code yet. 

L6 Presenter

Re: PANOS-8.0 broke IPSec XAuth VPN?

L0 Member

Re: PANOS-8.0 broke IPSec XAuth VPN?

Some phone models connects and receives an IP-Pool IP but it cannot reach the internal resources.


Motorola Moto Z Android 7 -> problem
Motorola Moto G3 Android 6 -> probelm
Motorola Moto Maxx Android 6 - > problem
Lenovo Vibe K6 Android 6 -> problem

Samsung Galaxy S7 Android 7 -> OK
Samsung Galaxy S4 Android 5.1 -> OK
Iphone 4 iOS 7 -> OK

Test with PAN-OS 8.0.2 and 8.0.3.


L6 Presenter

Re: PANOS-8.0 broke IPSec XAuth VPN?

Hi,

 

ls there a useful info in the ikemgr.log file:

 

> tail lines 100 mp-log ikemgr.log

 

Did you try to re-create a VPN profile on the affected client mobile phones?

L0 Member

Re: PANOS-8.0 broke IPSec XAuth VPN?

I have same issue like this, I tried  Huawei P9 andriod 7.0, SAMSUNG S7edge 7.0  sometime work , some time not. PAN-OS 8.0.4,7.1.11,7.0.12  same issue.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!