For details on cookie usage on our site, read our Privacy Policy
Global Protect gateway is unresponsive
- LIVEcommunity
- Discussions
- Network Security
- GlobalProtect Discussions
- Global Protect gateway is unresponsive
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Global Protect gateway is unresponsive
- Mark as New
- Subscribe to RSS Feed
- Permalink
02-14-2022 12:41 PM
I have a GP user complaining about his GP sessions getting dropped. He's using certificate auth autovpn. The full error is
[Error]: The network connection is unreachable or the gateway is unresponsive. Check the network connection and reconnect.
Network discovery started.
Now while that is going on, I see in Monitor/Global protect at that time is repeated messages of the client in pre-login
before-login status and no IP address yet assigned. What is likely going on? Any other logs to review?
| Type | Generate Time | Event ID | Stage | Source User | Source Region | Public IP | Public IPv6 | Private IP | Private IPv6 | Client Version |
| GLOBALPROTECT | 2/14/2022 4:45 | gateway-prelogin | before-login | ACME-67321211157 | US | 200.33.22.130 | 0.0.0.0 | 0.0.0.0 | 0.0.0.0 | 5.2.5 |
| GLOBALPROTECT | 2/14/2022 4:44 | gateway-prelogin | before-login | ACME-67321211157 | US | 200.33.22.130 | 0.0.0.0 | 0.0.0.0 | 0.0.0.0 | 5.2.5
|
| Client OS | Client OS Version | Repeat Count | Status | Login Duration | Error Code | Portal | Sequence Number | Action Flags | High Res Timestamp | Selection Type | Response Time |
| Windows | Microsoft Windows 10 Enterprise , 64-bit | 1 | success | 0 | 0 | GP_Gateway | 27604518 | 0x0 | 2022-02-14T04:45:07.499-08:00 | ||
| Windows | Microsoft Windows 10 Enterprise , 64-bit | 1 | success | 0 | 0 | GP_Gateway | 27604477 | 0x0 | 2022-02-14T04:44:35.386-08:00 |
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-26-2022 09:08 AM
Hi. We've had a lot of progress since then. One issue was upgrading to a more recent GP client. 5.2.12
has been less problematic and worked past a known bug. I'm posting the login event phases you should
see in sequence as I was not clear on that part in February. Not that the get-config is when the address
is assigned. Also are you pulling down the GP client debugs? They have a lot of into including
ipconfig /all, netstat -rn, GP events. I wish there was a way we could get that data without bothering
the user about it. But if you can get them to send it it's pretty insightful.
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-26-2022 09:52 AM - edited 10-26-2022 09:53 AM
For affected users, the only event we're seeing in the GP log on the firewall is portal-prelogin. I've looked at the pangps.log from an affected client and it wasn't really helpful. We've tried a few different GP versions, including the latest 6.1.0, and full uninstall/reboot/install.
Based on this thread, I'm thinking it might actually be a Windows update issue, but we haven't gotten to testing either uninstalling the October CU or installing the out-of-band patch noted there. Thanks.
Matt
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-26-2022 09:59 AM
Perhaps the the pan_gp_event log.would be more helpful? That's my go-to.
- Is it possible to host a Global Protect Portal and Gateway on the same outside interface as IPSEC VPNS in GlobalProtect Discussions
- User unable to connect to VPN portal address after USMT data transfer to new PC in GlobalProtect Discussions
- Global Protect wont load gateway in GlobalProtect Discussions
- Filtering by a Azure AD user does not work in Gateway-->Agent-->Client Settings in GlobalProtect Discussions
- GlobalProtect VPN settings in GlobalProtect Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
