GP user logouts.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

GP user logouts.

L2 Linker

trying to find out if there's a list of the various messages and what they mean, particulary with 'globalprotectgateway-logout-succ'. I'm specifically trying to identify what 'Reason: remove previous login' means.

 

I assume it means the previous session didn't close and a new session was created, like if the user's machine goes to sleep or reboots. Can't find any sort of rosetta stone for this in Palos' documentation.

 

Thanks.

5 REPLIES 5

L7 Applicator

it usually states...   previous session found with a failed login attempt.

 

yes this is from a disconnected session without using the disconnect button.

 

unfortunately this does not apply to the actual user. this would prevent multiple logons, it's more the user and device combo.

 

there is a not too bad training video on the live education site, it does most of the error situations but not all.

 

the logs are pretty hard to interprate sometimes as its full of "failed" messages and whats failing is supposed to fail. if you get my meaning...

L7 Applicator

lol, thanks for the compliment @Mick_Ball but that article is all @abjain's 😉

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

oops, sorry @abjain's .

@reaper, you were mentioned as a contributor... hence the confusion...  whilst I have your attention...

 

do you know of any other good resources for this post from @cengasser.

 

all/most of the entries come with a Debug code "Debug (5613)" are these codes not documented anywhere...  or are we just to go by the following remarks, as per "Debug (5613) portal status is connected"

 

 

L7 Applicator

@cengasserwrote:

 'Reason: remove previous login'


This simply means that there still was a GP session which did not disconnect properly and also did not reach the configured timeout, when the firewall would remove a session without traffic. As mentionned by @Mick_Ball there was still a user-device-pair session "active" on the firewall so the firewall first has to remove this user-device-pair-login in order to allow a new global protect session.

  • 4548 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!