When establishing a connection via PPPOE there is no possibility to select the IP ("None") assigned by ISP in the Global Protect portal configuration, only the interface, which is not sufficient for it to work. I would expect that the IP assigned by ISP is created as an dynamic address object.
To make GP work with portal & gateway, I had to create a loopback, then doing a NAT from the pppoe interface's (in my case eth1/1) ip:some other port not being 443 to the loopback:443. I had to create an additional address object where I manually had to put in the dynamic ip. I now have to amend this address object manually every time the interface ip changes. Am I missing something here or is it really this cumbersome using PPPOE?
It seems PAN is not that much interested in supporting PPPOE connections- besides this, there is also lack of vlan tagging support once the L3 interface has been set to PPPOE which many ISPs require and no option for a scheduled reconnection.
Solved! Go to Solution.
This should be work with 'None' in IP address field.
Here is my testbed (sorry, mine is dhcp client - not pppoe)
With above interface, if I configure GP as below...
The device recognizes IP address which retrieved from ISP.
admin@PA-220> debug ssl-vpn global-protect-portal
portal : gptest
portal address IPv4 : 58.156.1xx.xxx
admin@PA-220> debug ssl-vpn global-protect-gateway
gateway : gptest
gateway address (IPv4 Only) : 58.156.1xx.xxx
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!