- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
10-25-2016 03:36 AM
when connected to global protect VPN unable to see other devices on network
10-27-2016 12:35 AM
is Internet connnectivity established when you connect the link ???
10-27-2016 01:18 AM
Yes Interent is fine, i am able to connect to global protect Gateway also , able to access intranet resources.
Only thing is unable to access local resources like local printer etc.
Thanks in Advance.
10-27-2016 02:30 AM - edited 10-27-2016 02:31 AM
Hi @fatboy1607,
Did you disable access to the local subnet ?
Depending on your PAN-OS version :
PAN-OS 7.0 : Network tab > GlobalProtect > Gateways > <Your Gateway> > Client Configuration > Network Settings > <Your Config> > Network Settings
PAN-OS 7.1 : Network tab > GlobalProtect > Gateways > <Your Gateway> > Agent > Client Settings > <Your Config> > Network Settings
If that's the case then this article might be useful for you :
GlobalProtect Disable Local Subnet Access
I hope this helps,
-Kim.
10-27-2016 02:32 AM
Thanks Kim
But we have enabled that feature. still local network is not accessible.
10-27-2016 02:35 AM - edited 10-27-2016 02:35 AM
Did you mean disabled ? If the checkbox is checked, then you won't have access to your local resources.
If you want access to your local network, the option needs to be disabled (= not checked).
Hope this helps,
-Kim.
10-27-2016 02:38 AM
it is not checked .
10-27-2016 03:26 AM
Hi,
Any access routes configured ?
I'd check my routing table when connected. Are you egressing the expected interface while connected ?
-Kim.
10-27-2016 03:28 AM
yes Egress interface is correct.
and I can see local routes learned gateway type On-link.
10-27-2016 05:17 AM
Hi,
As its a gp connection its probably arriving on a different zone. Do you have rules in place to allow the traffic ?
Enable the interzone logging rule and set it to log at session end. Do you see the traffic hit this rule ?
Replicate trying to access machines on the network and filter by the user in the traffic logs , ping a screenshot up as a reply ..
also make sure no denies hitting the threat logs or url logs ..
kind regards
robert D
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!