One of my customer experiencing a weird issue in global protect.
When Client joins the GP he get a private IP 172.16.100.230 and i can see that system logs and also in his GP Agent. When he initiates traffic i can able to see that private iP in traffic log as well but issue is when i go to see the current users in GP Gateway >Remote user, i only see 0.0.0.0 as a private IP. Why this is happening ?? I surfed for a KB article but i couldn't find one, so if you guys found one please share and if you guys possess knowledge about this issue please share it here. I can't restart the ikemgr and sslmgr because user is getting authenticated and getting the correct private IP but only in firewall i cannot see that in current connected users, so there is any demon i have to restart except for ikemgr, sslmgr and rsamgr...???
Hi @sahithyan.subbu ,
Any more details on your customer environment ?
PAN-OS version, GP version ? HA-setup yes/no?
Not entirely the same issue I suspect ... but I saw 0.0.0.0 as connected users on an HA-setup where the 2 firewalls didn't match on PAN-OS version.
I wouldn't say this is expected
Does it happen for all the users or just one ? All gateways or just one (if you have multiple) ?
Also to confirm ... everything is working fine connection wise ?
It happens for random users and if once user's private IP starts showing 0.0.0.0 in remote user section that stays forever. Even after multiple re-connections from client side it just wont change back to actual private IP.
About multiple gateways, yeah customer got 2 gateways but 2nd is non implemented in live yet so actual live in 1 gateway.
Irony is this doesn't impact the network in anyway because in user end agent getting actual private IP that is 172.16.100.234, and also in traffic log i can able to see that actual IP also i can see that actual IP in system logs. Only thing is in GP gateway remote users section, only there i am seeing this weird ip 0.0.0.0 instead of actual private IP.
Hi @sahithyan.subbu ,
That sounds like a bug :S
Luckily it seems to be a visual bug only and not impacting any performance.
I'd recommend to gather GP logs and Firewall logs and Tech support file to report it to Technical Support.
When we see this it is 100% of the time due to the user(s) not being in the AD group that is allowed to use the VPN. Once they are added to the proper group then they get a valid IP.
I did see this one other time after a PANOS upgrade everyone had 0.0.0.0 and that was a visual "glitch/bug" the user still had an IP address when checked on the CLI.
Yeah man, I too think so
Okay will create a ticket with PA TAC and will post the results here after i get a conclusion on this.
Thanks for your support man, Appreciate that.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!