This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Issue passing traffic with Global Protect client 5.2.9 or later

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Issue passing traffic with Global Protect client 5.2.9 or later

Mike.Palmer
L0 Member

‎05-20-2022 05:01 AM

Hi,

 

We have having issues upgrading beyond global protect client 5.2.8. If we upgrade to 5.2.9/5.2.11/6.0.1 we have the following happen on our Windows 10 Enterprise x64 1909 or greater devices. The clients are configured for split tunnel.

 

1. The VPN connection is made and remains connected.

2. The connection gets a DHCP address.

3. Unable to ping any hosts by IP address and get the error message "generic network failure"

4. DNS resolution does not work.

5. The client is marking the virtual adapter as Public and not domain but firewall rules allow all required ports for NCSI probe, DNS, Kerberos etc.

 

Completely lost on what is going on and could do with some help please.

 

0 Likes Likes
3 REPLIES 3

BPry
Cyber Elite
Cyber Elite

‎05-20-2022 08:09 PM

@Mike.Palmer,

Interesting, this is not an issue I've come across with any of my installations or validation testing. What happens if you make a test client configuration and don't split-tunnel the traffic, does that change behavior at all? If you take a PCAP on the endpoint do you see the traffic attempting to traverse the PanGP adapter? 

0 Likes Likes

Mike.Palmer
L0 Member
In response to BPry

‎05-22-2022 11:47 PM

@BPry That is the next step in the investigation. What I don't say is we have attempted to install the application on several Windows 10 machines all built in the same way and have the same issue, apart from one of the network teams laptop which works :(.

 

I'll have a word this morning to see if they can get a test laptop and see what they get.

 

Regards

Mike

0 Likes Likes

Adrian_Jensen
L6 Presenter

‎05-23-2022 09:28 AM

Not a whole lot of help... but we had basically the same symptoms with a Win10 client running 5.2.10, that had been working fine, upgraded to Win11. GP client would connect just fine, received its IP, set DNS servers, routing table correct, but it couldn't ping across the link or actually get DNS responses. It seemed to be something broken in the Windows network stack, that the GP client hooks to intercept/route traffic over the VPN were no longer working. Eventually gave up and uninstalled/reinstalled the GP client at which point everything worked fine again.

0 Likes Likes
  • 2552 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks