03-11-2025 12:53 PM
Hello my LIVEcommunity friends,
I have a puzzler here for you all (I'm sure I won't be the only one with this issue). I have seen similar discussions, but none quite fit the bill. I have one user that cannot access Internet-based resources (web pages or applications) while on the GlobalProtect VPN. Split-Tunneling was removed from the environment a week and a half ago. This issue was reported last week and so far, it seems isolated. The firewall logs are not showing any "aged-out"s or "deny"s.
I have attached a "route print" as well as a "tracert google.com" (www.google.com took too long to respond).
Any ideas?
03-12-2025 05:45 AM
So you do see sessions from this user in traffic log and that traceroute also goes through Palo?
12.17.244.2 is next hop for Palo that runs GlobalProtect?
03-12-2025 06:53 AM
Hello,
I can see basic traffic from the user in the traffic logs. It is generic traffic not indicative of connection attempts. 12.17.244.2 is, I believe, the next hop in GlobalProtect. For clarification, when attempting to access Google.com that traffic is not making it into the Panorama traffic logs.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
