cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Global Protect Client Error "Failed to get default route entry"

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
MHaran
L1 Bithead
‎02-22-2016 07:25 AM
‎02-22-2016 07:25 AM

Global Protect Client Error "Failed to get default route entry"

Hi,

 

Has anyone seen this error before?

 

I have a user who is using SSL VPN to the Palo Alto.  Upon downloading the client, the initial connection works.

 

However, subsequent connections displays an error on the client "Failed to get default route entry".  The logs on the Palo Alto Firewall don't suggest an issue an indicate the user is connected and an IP assigned.  Yet the IPconfig on the laptop does not indicate the IP has been received.

 

I have other users connecting OK.

 

Regards

 

Mike

 

 

0 Likes
Reply
vkalal
L3 Networker
‎02-22-2016 08:00 AM
‎02-22-2016 08:00 AM

One of the following should resolve your issue :

 

1. uninstall and re-install the GP client

2. Upgrade the GP client to the latest version

3. Re-image the workstation

4. If all fails try upgrading the pan-os version. (If you are still on the 6.1.X series)

0 Likes
Reply
MHaran
L1 Bithead
‎02-22-2016 09:03 AM
‎02-22-2016 09:03 AM

Responses below

 

1. uninstall and re-install the GP client - Have done this but still the same

2. Upgrade the GP client to the latest version - We are running the latest version

3. Re-image the workstation - Really?  Re-Image a Client PC....what is the reason for this?

4. If all fails try upgrading the pan-os version. (If you are still on the 6.1.X series) - We are running the latest version

 

I have just started rolling this out and if point 3 is something I need to consider I will be worried

0 Likes
Reply
vkalal
L3 Networker
‎02-22-2016 09:12 AM
‎02-22-2016 09:12 AM

Reimage PC : To reformat the hard drive and repair damaged partitions

0 Likes
Reply
pankaku
L5 Sessionator
‎02-22-2016 09:28 AM
‎02-22-2016 09:28 AM

You might have installed some third party software like antivirus/firewall/another vpn software which is confilicting.

0 Likes
Reply
Lucky
L5 Sessionator
‎02-22-2016 02:05 PM
‎02-22-2016 02:05 PM

Hi Mike,

 

can you raise debug on the client side? Should be enabled from the GP configuration for users, you can collect troubleshooting information for network configurations and routing table. It is worth investigating is there some conflict in third-party software as well (why is customer using SSL VPN? Are they using some IPsec VPN at the same time that sets default route with same metric...?) I am thinking, error is not the happiest description what happened - it might be having problems installing default route to the client...

 

Raising debug on client and investigating client's routing table would be my first steps, before I take it to the GP, especially if everything works with all/most of other clients, debugged logs should tell you more anyhow. I would also try using the latest version of client, 3.0 has been out for a few days - perhaps it will solve your problems.

 

Best regards,

Luciano

0 Likes
Reply
SajidAliSajid
L2 Linker
‎03-24-2020 08:43 PM
‎03-24-2020 08:43 PM

How to fix this "Failed to get default route entry" issue?

 

0 Likes
Reply
kiwi
Community Team Member
‎04-08-2020 07:49 AM
‎04-08-2020 07:49 AM

Hi @SajidAliSajid ,

 

Luciano's previous comment is old but still valid.  Please do some debugging on the client side.  Collect the debug logs from the GP client and check there for starters.

 

Cheers,

-Kiwi.

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks