Can't get traffic to GP VPN clients

L1 Bithead

Can't get traffic to GP VPN clients

I'm trying to figure out how to get traffic from my internal network to my GP VPN clients. At the moment I can't even ping the remote users. They can access all corporate resources without issue I just can't seem to get any traffic out to them. It seems I have this issue with any tunnel.xx interface. Is there something obvious here that I'm missing?


I'm running an 820 with 8.1.6.

Tags (2)
Cyber Elite

You may want to confirm that the virtual pool of addresses that the GP users are getting is an UNKNOWN/un-used range from your internal network.  Too often I see customers using a subnet that is internal to the network, and then the L3 switch does not know how to get them to the users.   So routing/subnet is one issue.


Let us know how this works.. provide other detials.



Help the community: Like helpful comments and mark solutions
L1 Bithead

Hi Steve,


Yes I can confirm that the virtual pool definitely is not used anywhere else in my network. I've also got a static route setup for it same as I do my other networks that terminate on the PA.

L7 Applicator

Every setup is different but for me i just have a policy to allow all from trusted zone to vpn tunnel zone.



L1 Bithead

I have a similar policy that basically allows my entire IT zone to access any on my Global Protect zone. I don't think its a policy issue so much as a routing issue as I can ping the tunnel gateway but not the individual clients that are remoting in.

Tags (1)
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!