04-24-2013 07:24 PM
PAN version 5.0.4, GP client version 1.2.2.
GlobalProtect is set up with a loopback address on both the portal and gateway, and they share a 3rd party cert. I can access the portal, and download the client on a Windows machine. I need to get this up and running as it's replacing my current VPN solution, and this has to be working before I roll over to the PA-500 in production overall.
The trouble I'm having is:
If I do "ipconfig", the PAN Virtual Ethernet Adapter does not have a default gateway listed.
I then tried installing the Windows client on my Windows 7 desktop at home, and the same thing happens. No access to internal resources. No default gateway listed on the adapter.
If the iPhone can access the internal network, what's wrong with the Windows machines or the GlobalProtect agent/client deployed to them that they aren't connecting? Should there be a default gateway listed on the PAN Virtual Ethernet Adapter?
04-24-2013 07:43 PM
Please follow this doc https://live.paloaltonetworks.com/docs/DOC-4917 and collect the logs, once done please look at routeprint.txt and also the PANGPS file to see if there is anything wrong.
04-24-2013 08:25 PM
Well, I thought I wasn't able to connect to internals with the Windows laptop, but it appears I can. I only have those two machines internally (the server and the other subnet PC) currently setup to use the PA-500, and the rest run through my current production firewall/router. When pinging on the iPhone, I pinged those two fine, and RDP'ed fine. When going on the Windows laptop, I initially tried pinging the internal DNS server, and it didn't work (and it shouldn't since it's not running through the PA-500), and I couldn't remote into the server (because I was remoting by hostname rather than IP, and that hostname wasn't resolving due to no connection to DNS server). Once I pinged the internal LAN server and other subnet PC (I thought I had, but didn't), it worked. I then was able to remote into the server by it's IP address.
I simply just confused myself with everything I'm setting up! Thanks for the suggestion though. I think I'm going to delete this thread due to ignorance 
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
