Global Protect sensor turns off NIC card when moving networks


L1 Bithead

We recently upgraded to Global Protect 6.2.4 with a test group of users (Windows 10 machines), and users who try to change networks, either going from Wi-Fi to another Wi-Fi network or hotspot, or Ethernet to Wi-Fi/vice versa, all of a sudden have their Network Adapter card shut off. This actually also happened with version 6.1.5, which we tried first. If you remove the client, this does not happen to the machines. The only recourse is rebooting. Since we have buildings with multiple floors and users are not going to shut down and reboot while moving between floors, it is a real problem.

5 REPLIES

Cyber Elite

I'm actually able to replicate this as well, still currently looking into it in my environment. However, the issue appears to be that it's trying to switch between IPv4 and IPv6. Running a packet capture on my machine and pinging 8.8.8.8, I can see that traffic consistently, but then when I switch to a different Wi-Fi as you stated, I then start consistently doing IPv6. I disabled IPv6 on my wireless network adapter and things started working immediately. I can replicate the issue on 6.2.3 as well but not 6.2.2.

L0 Member

We also are running into this issue. We have a case open with Palo and sent them a link to this discussion. I also started looking into the IPv6 setup on the machines having issues, but we were not sure if that was the root cause since the issue is hard to replicate consistently.

L1 Bithead

Our case is still pending; we are still trying to gather additional evidence as requested. We do not have IPv6 enabled in the profiles. It's intermittent for sure, but we can re-create it. We had a user this morning unplug from the docking station (Ethernet), walk a few feet to a conference room and then have no internet connection available, with Wi-Fi showing disabled. We grabbed his client logs, but they are not showing anything. We are going to check additional Windows Event logs as well.

L1 Bithead

I will save you the trouble: Palo is going to tell you it's a Microsoft issue, which it may very well be, but... We have the same issue but related to sleep/hibernate ever since updating from 6.1.1 to version 6.2.4. As others have stated, we tested several other versions (6.1.5, 6.1.3, and 6.2.3); the only version we could not re-create the issue on was 6.1.1, but that version has some vulns. We had some success by making sure IPv6 was disabled on all interfaces, including the pangp virtual adapter, but not 100% success. We could also recreate the issue by just putting the device into Airplane mode for a minute or so.

 

This was the Palo response:

I have completed a thorough analysis of the situation you've reported, focusing on the potential cause of the Wi-Fi adapter being disabled on your Windows 10 device. Here is a summary of our findings:

Files Reviewed:
GlobalProtect Logs:

PanGPS Log: Reviewed thoroughly, and no errors were detected that would suggest GlobalProtect is causing the Wi-Fi adapter to disable.
PanGPA Log: Similarly, this log was analyzed and showed no indications of malfunction or errors related to network interface management.
PanGP Event Log: We found routine entries with no unusual activity or errors that could be linked to the Wi-Fi issue.

System Information:
The system environment, drivers, and network configurations appear to be standard, with nothing unusual noted that would cause concern from the GlobalProtect side.

Additional Findings:
Search for Similar Cases: We conducted a search for similar cases both internally and externally, but we did not find any known issues or reported cases where GlobalProtect was responsible for disabling a Wi-Fi adapter on Windows 10.

Known Windows 10 Issues:
It’s important to note that there are documented issues with Windows 10 regarding network interfaces, particularly after sleep or hibernation. These issues can sometimes require administrative intervention or a system reboot to restore the network interface.
Below are some relevant resources that discuss these issues:
Windows 10/11 and Network Interface Issues: These articles discuss how network interfaces, including Wi-Fi, may become disabled after the device wakes from sleep or hibernation, sometimes without any involvement from VPN clients.
https://answers.microsoft.com/en-us/windows/forum/all/windows-11-wifi-gone-after-sleep/8bb483e7-437c...

Microsoft Community Article
Interaction with VPN Clients: Some VPN clients, including older versions of GlobalProtect, have been known to have issues managing network interfaces after the device resumes from sleep, though these instances are rare.
https://learn.microsoft.com/en-us/answers/questions/880035/vpn-fails-after-sleep-wake-on-windows-10
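
For anyone collecting evidence for a case like the ones described above, this added example (not from any poster or from Palo Alto Networks) snapshots adapter state and IPv6 binding on every interface before and after a network change, then shows what changed. It is read-only and uses the built-in NetAdapter cmdlets; matching the GlobalProtect virtual adapter on "PANGP" in its description is an assumption.

```powershell
# Added example: compare adapter state before and after a network change.
# Read-only; relies only on the built-in NetAdapter module.
function Get-AdapterSnapshot {
    Get-NetAdapter -IncludeHidden | ForEach-Object {
        # IPv6 protocol binding (component ms_tcpip6) for this adapter, if it has one
        $binding = Get-NetAdapterBinding -Name $_.Name -ComponentID ms_tcpip6 `
                       -IncludeHidden -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Name        = $_.Name
            Description = $_.InterfaceDescription
            AdminStatus = [string]$_.AdminStatus   # Up / Down (administratively disabled)
            Status      = [string]$_.Status        # Up / Disconnected / Disabled ...
            IPv6Bound   = if ($binding) { [bool]$binding.Enabled } else { $null }
            # Assumption: the GlobalProtect virtual adapter has "PANGP" in its description
            IsPanGP     = $_.InterfaceDescription -like '*PANGP*'
        }
    }
}

$before = Get-AdapterSnapshot
Read-Host 'Switch networks (undock, change Wi-Fi, toggle Airplane mode), then press Enter'
$after = Get-AdapterSnapshot

# Adapters whose administrative or operational state differs between snapshots
$changed = foreach ($a in $after) {
    $b = $before | Where-Object Name -eq $a.Name
    if ($b -and ($b.AdminStatus -ne $a.AdminStatus -or $b.Status -ne $a.Status)) {
        [pscustomobject]@{
            Name   = $a.Name
            Before = "$($b.AdminStatus)/$($b.Status)"
            After  = "$($a.AdminStatus)/$($a.Status)"
        }
    }
}

"--- Adapters with IPv6 still bound ---"
$after | Where-Object IPv6Bound | Format-Table Name, Description, IsPanGP -AutoSize
"--- Adapters whose state changed ---"
$changed | Format-Table -AutoSize

# Keep a timestamped copy to attach to the support case
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$after | Export-Csv -Path "$env:TEMP\adapter-state-$stamp.csv" -NoTypeInformation
```

An adapter that moves from `Up/Up` to `Down/Disabled` across the switch was administratively disabled rather than merely disconnected, which is the distinction worth recording alongside the client logs.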

L1 Bithead

Thanks for the reply. I too was told they "searched" and could not find any related cases, but clearly there is an issue with higher versions of the sensor. We also upgraded because 6.1.2 had vulnerabilities. 
