Globalprotect dissonnection issues

Reply
Highlighted
L4 Transporter

Globalprotect dissonnection issues

I have a couple of users who say that when on the GP VPN client it disconnects them multiple times and I have not been able to reproduce their issues.

The only thing I have found so far is this in the system logs "globalprotect gateway user login failed. error existing user session found"

 

collected logs on the client and nothing really stands out. any ideas would be appreciated

Highlighted
L7 Applicator

@jdprovine, Hi.

 

the error log you are seeing is normal when a user is disconnected but does not manually disconnect.....

 

are they just losing comms or does the GP client actually display the red "X".

 

if you are getting the "X" then this will be detailed in the GP client logs...

 

what version of GP and PAN OS...

 

 

 

Highlighted
L7 Applicator

Also... are they able to reconnect immediately....

Highlighted
L4 Transporter

@MickBall

 

Version of GP is 4.0 Pan OS is 7.1.13

Not sure about the red X - GP client logs on the client itself or on the firewall

Highlighted
L7 Applicator

when you say not sure about the red X, do you mean you don't know what I'm talking about or you haven't asked the users...

 

its not actually a red cross, it's a white cross in a red circle... (system tray icon)

 

perhaps it would be easier to say "how do they know that they have been disconnected".

 

yes client logs... 

 

 

Highlighted
L7 Applicator

just going for a smoke... but also...

 

what is auth method.

is connection on demand or always on

any cert auth involved

is this wifi or mobile data

 

laters.....

Highlighted
L4 Transporter

@MickBall

 

He says that it say disconnected but didn't look for the red x, the connection is on-demand, we do have a cert involved, not mobile its a desktop, don't think it is wifi

 

 

image.pngimage.png

Highlighted
L4 Transporter

@MickBall

 

He does not reconnect, he ends up choosing to connect again through the client

Highlighted
L7 Applicator

"He does not reconnect, he ends up choosing to connect again through the client"

 

what i meant was.... was he able manually connect immediately or did it take a few attempts....

 

can we assume he is using the same portal/gateway address as other users without the issue....

 

are the users with the same issue all connecting from the same site..

 

probably teaching you to suck eggs but worth asking....

 

also... on your version of 7 do you have the option in the GP portal app for "restoration of VPN connection timeout"

I'm not sure when this was introduced...

 

if the "disconnected" pop up is visible then this will be recorded in the pangps.log from client.

 

 

Highlighted
L4 Transporter

@MickBall

 

He was not able to immediately connect manually it took a few attempts

Yes he is using the same portal/gateway that I am, and I am having no issues. In fact I have my spare laptop on comcast connecting through the VPN and having no issues. It has been online for about 2 hours. No the two users that are having issues are connecting from home and they don't even live in the same town. 

I checked the portal/app tab and automatic restoration of VPN connection restore attempts (sec) is set to 30

 

Is this on the firewall pangps.log ? Or does it need to be collected through the client

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!