This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Strange errors with Globalprotect and PANOS 10.2.3-h2

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

Strange errors with Globalprotect and PANOS 10.2.3-h2

Go to solution
Spaniel
L1 Bithead

‎03-10-2023 08:55 AM

Hello everyone,

 

We have two strange errors with Globalprotect (v. 5.2.11) since the update to PANOS 10.2.3-h2:
- For internal connections (via tunnel) the connection fails with the event gateway-hip-check with the message "Invalid tunnel end point IP address".
- The external portal is suddenly no longer accessible via https but pingable via the IP and domain.

 

Therefore no clients are connecting anymore.

 

We have already tried to upgrade to PANOS 10.2.3-h4 but it does not show any improvement. Also all deamons are in status running.

Does anyone have another idea? Paloalto support is always relatively slow unfortunately.

 

Regards

Sven

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
Spaniel
L1 Bithead

‎03-16-2023 01:08 AM

Is apparently a problem with the upgrade. After a downgrade everything ran normally again. We now wait until the next release and try again.

View solution in original post

0 Likes Likes
5 REPLIES 5

Go to solution
Spaniel
L1 Bithead

‎03-10-2023 09:38 AM

As a workaround for the disrupted internal connections, we resolved the internal tunnel. Now all clients connect internally via "Internal connection" directly to the systems instead of via a tunnel.

Externally, however, we do not yet have a workaround, let alone a solution.

0 Likes Likes

Go to solution
Spaniel
L1 Bithead

‎03-16-2023 01:08 AM

Is apparently a problem with the upgrade. After a downgrade everything ran normally again. We now wait until the next release and try again.

0 Likes Likes

Go to solution
AmmarBahasan
L1 Bithead
In response to Spaniel

‎06-07-2023 05:58 AM

Hey,

i an runninng into a similar issue were some of the users keeps on getting disconnected randomly. how did you manage to solve it? which version did you went back to? 

Go to solution
Spaniel
L1 Bithead
In response to AmmarBahasan

‎06-12-2023 05:05 AM

Hi,

we have a PA-460 active-passive cluster and had upgrade from version 10.1.8 to 10.2.3-h2. The version was also recommended by Paloalto at that time.

We then went back to version 10.1.8 and are currently still running on that. We will try another upgrade to a higher version soon.

0 Likes Likes

Go to solution
MP18
Cyber Elite
Cyber Elite
In response to AmmarBahasan

‎12-11-2023 09:50 AM

@AmmarBahasan 

 

We ran into Same issue yesterday while on PAN OS 10.2.4-h4 we need to downgrade to 10.0.11-h1 to fix the issue.

During that time only few users were able to connect.

 

Hope this helps1

 

Regards

MP

Help the community: Like helpful comments and mark solutions.
0 Likes Likes
  • 1 accepted solution
  • 5279 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks