This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Portal access lost while connected to external gateway

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.

Portal access lost while connected to external gateway

Go to solution
joshuahill9
L1 Bithead

‎01-02-2025 01:46 PM

This is a GP configuration that works, but the portal doesn't respond to web requests from the client while the client is connected to the gateway. There is only an external gateway. The portal and gateway share the same IP on an Internet-facing interface. Clients connect and work fine, but as a result when a user initiates an upgrade of the client in the session, the upgrade hangs because it cannot get to the portal's web interface. There is a route to the portal/gateway IP via the un-tunneled Internet in Windows. Where do you think the problem might be? I am certain traffic to that IP has to go over the un-tunneled Internet, but why would the portal remain silent to web requests during gateway sessions? A workaround may be to give the portal and gateways dedicated IPs, but everything I read is that they should be able to function with the same IP. 

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
joshuahill9
L1 Bithead

‎01-03-2025 07:07 AM

OK even though GP adds a static route to Windows pointing it to the Internet when the host wants to go to the portal IP, if that portal IP is not excluded from the gateway here: (gateway->agent->clients settings->config->split tunnel) then GP will still try to push the traffic over the tunnel, which seems to be the problem. I excluded the IP, and for good measure the exact domain name of the portal, now a connected GP client can still reach the portal web address and update the client.

View solution in original post

0 Likes Likes
1 REPLY 1

Go to solution
joshuahill9
L1 Bithead

‎01-03-2025 07:07 AM

OK even though GP adds a static route to Windows pointing it to the Internet when the host wants to go to the portal IP, if that portal IP is not excluded from the gateway here: (gateway->agent->clients settings->config->split tunnel) then GP will still try to push the traffic over the tunnel, which seems to be the problem. I excluded the IP, and for good measure the exact domain name of the portal, now a connected GP client can still reach the portal web address and update the client.

0 Likes Likes
  • 1 accepted solution
  • 128 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks