We have problem connecting to a VPN using GlobalProtect. We opened a case but maybe someone has an idea what's going on..
The error message on GP client is
Error(4960): failed to get the tag gateways(T1404)
Error(5401): Failed to get gateway list for external network.
Erros on Palo Alto:
GlobalProtect portal user authentication succeeded. Login from: x.x.x.x, User name: YY, Auth type: profile.
GlobalProtect portal client configuration failed. Login from: x.x.x.x, User name: YY.
Device has been upgraded from 5.0.8 version to 6.0.6 month (or two) ago and GP was working fine until a week ago. The problem first appeared only to some people (weird?), but today almost all users have this problem.
All tips and ideas are welcome. :smileyhappy:
If issue occurred after upgrading to 6.0 then I would definitely check the common name of the certificate used for global protect (see if that is ip or fqdn) and the configuration under Portal's Client config. It must match what we have on certificate. If certificate has a common name abc.company.com then under external gateway setting we should configure abc.company.com (and not its public ip say 188.8.131.52). Hope this helps. Thank you.
Thanks ssharma and oklier.
Problem did not start right away after upgrade. GP was working fine for a few weeks on 6.0.6 version.
Same problem with the newest GP client..
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!