Global Protect gateway is unresponsive

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Global Protect gateway is unresponsive

L3 Networker

I have a GP user complaining about his GP sessions getting dropped. He's using certificate auth autovpn. The full error is 

 

[Error]: The network connection is unreachable or the gateway is unresponsive. Check the network connection and reconnect. 

Network discovery started.

 

Now while that is going on, I see in Monitor/Global protect at that time is repeated messages of the client in pre-login

before-login status and no IP address yet assigned. What is likely going on? Any other logs to review?

 

TypeGenerate TimeEvent IDStageSource UserSource RegionPublic IPPublic IPv6Private IPPrivate IPv6Client Version
GLOBALPROTECT2/14/2022 4:45gateway-preloginbefore-loginACME-67321211157US200.33.22.1300.0.0.00.0.0.00.0.0.05.2.5
GLOBALPROTECT2/14/2022 4:44gateway-preloginbefore-loginACME-67321211157US200.33.22.1300.0.0.00.0.0.00.0.0.0

5.2.5

 

 

 

Client OSClient OS VersionRepeat CountStatusLogin DurationError CodePortalSequence NumberAction FlagsHigh Res TimestampSelection TypeResponse Time
WindowsMicrosoft Windows 10 Enterprise , 64-bit1success00GP_Gateway276045180x02022-02-14T04:45:07.499-08:00
WindowsMicrosoft Windows 10 Enterprise , 64-bit1success00GP_Gateway276044770x02022-02-14T04:44:35.386-08:00
8 REPLIES 8

L2 Linker

Hi @palomed ,

 

We're having a similar issue, just using standard authentication, not certificates.  Were you able to get a resolution for the issue?  Thanks.

 

Matt

Hi. We've had a lot of progress since then. One issue was upgrading to a more recent GP client. 5.2.12 

has been less problematic and worked past a known bug. I'm posting the login event phases you should

see in sequence as I was not clear on that part in February. Not that the get-config is when the address

is assigned. Also are you pulling down the GP client debugs? They have a lot of into including 

ipconfig /all, netstat -rn, GP events. I wish there was a way we could get that data without bothering

the user about it. But if you can get them to send it it's pretty insightful.

 

MichaelMedwid_0-1666800332359.png

 

For affected users, the only event we're seeing in the GP log on the firewall is portal-prelogin.  I've looked at the pangps.log from an affected client and it wasn't really helpful.  We've tried a few different GP versions, including the latest 6.1.0, and full uninstall/reboot/install.

 

Based on this thread, I'm thinking it might actually be a Windows update issue, but we haven't gotten to testing either uninstalling the October CU or installing the out-of-band patch noted there.  Thanks.

 

Matt

Perhaps the the pan_gp_event log.would be more helpful? That's my go-to.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!