GlobalProtect client cant access internal resources

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

GlobalProtect client cant access internal resources

L1 Bithead

PAN OS 8.1.22 / GlobalProtect Agent 6.0.3


(1) GlobalProtect has no issue connecting to portal/gateway (Dell Latitude, Windows 11)

(2) Gateway Access Route (split tunnel)(No direct access to local network is UNTICK) has access to

(3) VPN users authenticated are assign address

(4) DNS assignment is ( - once connected via GP

(5) Internal servers/pcs are manually assign address

(6) Internal servers includes webserver (, email (, file transfer (, DC also DNS ( and other workstation (PCs)

(7) These servers could be ping and reach via their dns names or IP addresses when GP is connected

(8) There is no extra configuration to the 'hosts' file from the GP Client PCs



(1) I configured and added a VM Hypervisor 6 on a Dell PowerEdge R230

(2) Management of Virtual Host is via GBport 1 with IP (connected to internet)

(3) GBPort 2 is connected to 'Internal Network' (as described above to the network

      - GBPort 2 is passthru to the Internal Network to be used by virtual machines

(4) I added 2 virtual machines ZIMBRA ( & OWNCLOUD (

     - the machines has 2 network adapters assign (internet and internal)

(5) From these 2 machines i can access the internet and INTERNAL network, no problem

(6) I have add the DNS of these 2 machines to the DNS server

(7) From a workstation (within the INTERNAL network), i can ping both Zimbra/Owncloud via their IP and Domain names

     - i can also access the webpage of Zimbra and Owncloud

     - can send and receive emails

     - can download and upload from/to Owncloud server

(8) Firewall policy had been amended to include IP address of Zimbra and Owncloud



- however, both Zimbra and Owncloud servers could not be access from GlobalProtect clients (as mentioned above, other resources could be reach)

- both servers could not be ping or reached

- nslookup showed and (can be reached)


Any help will be greatly apprciated



L1 Bithead


- /etc/hostname =

- /etc/hosts =

- /runm/systemd/resolve/resolv.conf

  (nameserver / nameserver / search localdomain)


- /etc/hostname =

- /etc/hosts =

- /run/systemd/resolve/resolv.conf

  (nameserver / nameserver


  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!