For details on cookie usage on our site, read our Privacy Policy
Global Protect disconnect issue
- LIVEcommunity
- Discussions
- General Topics
- Re: Global Protect disconnect issue
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Global Protect disconnect issue
- Mark as New
- Subscribe to RSS Feed
- Permalink
08-11-2014 08:43 AM
3000 series FW, software 6.0.1, GP 2.0.1 -- GP continually disconnects/reconnects.. tried reinstalling client, rebooting, etc.. happens with some users at random times..then the issue will magically go away. Anyone else experience?
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-17-2018 02:18 PM
I think you cannot compare your issues to the once in this topic (2 repectively 4 year old topic).
What versions PAN-OS and GlobalProtect are you using? How are the users connected when they complain about reconnects: wired, wireless, mobile?
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-17-2018 02:48 PM - edited 05-17-2018 02:50 PM
I just wanted to know if this issue was resolved and what was the solution.
PAN-OS : 8.0.5
GlobalProtect : 4.0.5
All are connected via wireless. I suspected the issue was wireless but other users are also connected via wireless.
Was just wondering what does this mean
(T188) 05/17/18 15:40:33:044 Debug( 402): Enforcer,Successfully Committed BreakAllExistingConnections Transaction.
(T188) 05/17/18 15:40:33:044 Debug(8965): PanMSService::UpdateGPEnforcer() - enforcer is blocking.
I have been seeing this evertime these is a reconnect
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-24-2018 04:47 PM
@rrau wrote:3000 series FW, software 6.0.1, GP 2.0.1 -- GP continually disconnects/reconnects.. tried reinstalling client, rebooting, etc.. happens with some users at random times..then the issue will magically go away. Anyone else experience?
I've seen this caused by some kinds of cable or DSL modems on the remote end.
It's got soemthing to do with the way some modems do UDP security - they allow the connection/authentication, but block the packets after the connection competes, resulting in a timeout and disconnect.
Once it disconnects, the client goes back to phase 1 and reconnects and discovers fine - but then times out again after 5 minutes.
The various modem/router manufaturers call the settings different things - ALG, PnP Security, some toher things. It's particularly common on DLink routers
I'm not sure if I can link to external dicsussions here - I'll try
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-30-2018 04:46 AM
Just an FYI, for my disconnect issues we saw a lot of
"(T16164) 05/17/18 13:32:21:064 Debug(1231): packet length 44 is less than udp length 64067: gateway route may get removed
(T16164) 05/17/18 13:32:21:064 Debug(1307): CheckDriverData() failed" before the tunnel between machine and GP goes down.
GPC- 5274 Fixed an issue where GlobalProtect agents (versions 4.0.3 to 4.0.5) discarded fragmented UDP packets.
Wll be upgrading the GP to 4.0.8 and check if this still happens.
- Global Protect in General Topics
- Azure AD + Globalprotect = unable to filter the client settings in GlobalProtect Discussions
- Global Protect Virtual adapter not installed on ARM64 win 11 device in GlobalProtect Discussions
- VPN Not Connecting on MAC OSX in GlobalProtect Discussions
- Global Protect multiple VPN and multiple authentication methods in General Topics
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
