Palo Alto GlobalProtect intermittent PanGPS error 'network type is unknown network' that causes the HIP report to not be sent every hour


L6 Presenter

Has someone seen an issue where the PanGPS log is saying "network type is unknown network" before failing to send the HIP report every hour?

 

 

For info, we don't use or have enabled Internal Host Detection as there are no internal gateways, and I see that there are no logs before that for DNS resolution, so the GlobalProtect app does not try to trigger any FQDN resolution and this is OK, but why the error :(. Also the GlobalProtect app is the latest version 5.2.6 and the issue is still present on it.


L6 Presenter

@kiwi and @aleksandar.astardzhiev have you seen such an issue before?

Community Team Member

Hi @nikoolayy1 ,

 

I have seen this before.  And as you've already pointed out the internal host detection was a valid workaround in our scenario:

 

(T4416)Debug(5897): 01/05/21 15:34:52:324 HipReportThread: network type is unknown network.

 

As a workaround we configured a dummy internal host detection that always resolves network type as external (IP address 1.2.3.4 and host fakehost.com). This config on the GP client helped to identify the network type as external.

 

 

In another scenario I saw this behaviour when Prisma Access came into play:

 

  1. Users have user-logon as the connect method for the GlobalProtect agents, which is an 'Always-on' method, meaning that you want the users to automatically establish a connection to the gateway.
  2. Prisma Access is setting priority 0 (manual only) for users outside the US, which contradicts the user-logon (always-on) behaviour.
  3. HIP is not submitted, since the above configuration (User Logon connection method + all external gateways in Manual-Only mode) led to a failure to discover the external network - (T4004)Debug(5897): 01/29/21 11:19:49:051 HipReportThread: network type is unknown network
  4. As a fix/workaround for this: enable one of the gateways mentioned in the document below for redundancy if the users travel outside of the US. This is how Prisma Access is designed: https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prisma-access-fo...

 

Hope it helps,

-Kiwi.

LIVEcommunity team member, CISSP
Cheers,
Kiwi
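
Added example (not part of the original posts and not Palo Alto Networks code): one way to check a collected PanGPS log for the message quoted above and see how many consecutive hourly HIP cycles it affected. The line layout is inferred from the two log lines quoted in this thread, the five-minute slack is an assumption, and all sample lines other than those two are constructed.

```python
import re
from datetime import datetime, timedelta

# Layout inferred from the two PanGPS lines quoted in the thread:
# (T<thread>)<Level>(<number>): MM/DD/YY HH:MM:SS:mmm <message>
LINE_RE = re.compile(
    r"^\(T(?P<tid>\d+)\)(?P<level>\w+)\(\s*(?P<num>\d+)\):\s+"
    r"(?P<ts>\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}:\d{3})\s+(?P<msg>.*)$"
)
MARKER = "HipReportThread: network type is unknown network"

def unknown_network_events(lines):
    """Return sorted timestamps of every HipReportThread 'unknown network' line."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group("msg").startswith(MARKER):
            events.append(datetime.strptime(m.group("ts"), "%m/%d/%y %H:%M:%S:%f"))
    return sorted(events)

def failure_streaks(events, interval=timedelta(hours=1), slack=timedelta(minutes=5)):
    """Group events into runs where each follows the previous one by at most
    one HIP interval plus slack (slack value is an assumption).
    Returns (first_seen, last_seen, count) per run."""
    streaks = []
    for ts in events:
        if streaks and ts - streaks[-1][-1] <= interval + slack:
            streaks[-1].append(ts)
        else:
            streaks.append([ts])
    return [(s[0], s[-1], len(s)) for s in streaks]

# Constructed sample: the first and last lines are the ones quoted in the
# thread; the lines in between are made up for the example.
SAMPLE = """\
(T4416)Debug(5897): 01/05/21 15:34:52:324 HipReportThread: network type is unknown network.
(T4416)Debug(5897): 01/05/21 16:34:52:410 HipReportThread: network type is unknown network.
(T4416)Debug( 100): 01/05/21 16:35:01:002 constructed filler line, not real PanGPS output
(T4416)Debug(5897): 01/05/21 17:34:53:007 HipReportThread: network type is unknown network.
(T4004)Debug(5897): 01/29/21 11:19:49:051 HipReportThread: network type is unknown network
""".splitlines()

if __name__ == "__main__":
    for first, last, count in failure_streaks(unknown_network_events(SAMPLE)):
        print(f"{count} unknown-network event(s) from {first} to {last}")
```

A run with a count above one means the message recurred on successive HIP cycles, which matches the hourly failure described in the question.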

L6 Presenter

Thanks Kiwi, I was also thinking the same, but we had a Palo Alto TAC case and we were still waiting for them, but they are taking too long, and now that you confirmed that this may help, I will move on with testing it. I will write if this solved the issue.
