Users are being disconnected from GlobalProtect VPN

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Users are being disconnected from GlobalProtect VPN

L1 Bithead

From PanGPS Logs following logs.

looking for network issues or DNS issues. kindly suggest further troubleshooting to resolve the issue.

 

(P5544-T4240)Debug(5173): 12/09/22 11:44:34:124 Found virtual IP route entry
(P5544-T4240)Debug(5936): 12/09/22 11:44:34:124 No change for gateway route
(P5544-T4240)Debug(6696): 12/09/22 11:44:34:124 NetworkConnectionMonitorThread: Detected route change, but skip network discovery.
(P5544-T4240)Debug(5048): 12/09/22 11:44:34:125 Wait for virtual interface IP route entry 10.11.160.66
(P5544-T4240)Debug(5062): 12/09/22 11:44:34:126 Found virtual interface IP route entry.
(P5544-T4240)Debug(4878): 12/09/22 11:44:34:126 des=10.1.0.0, mask=255.255.0.0, nextHop=10.11.160.66, ifidx=3, forwardType=3, forwardProto=3, age=0, nextHopAs=0, matrix=1,0,0,0,0
(P5544-T4240)Debug(2220): 12/09/22 11:44:34:126 number of route is 64
(P5544-T4240)Debug(2238): 12/09/22 11:44:34:134 Set route successfully. ForwardDest = 10.1.0.0, metric 1.
(P5544-T4240)Debug(2238): 12/09/22 11:44:34:248 Set route successfully. ForwardDest = 104.16.51.111, metric 1.
(P5544-T4240)Debug(2238): 12/09/22 11:44:34:344 Set route successfully. ForwardDest = 18.246.31.138, metric 1.
(P5544-T4240)Debug(2238): 12/09/22 11:44:34:440 Set route successfully. ForwardDest = 52.86.98.138, metric 1.
(P5544-T4240)Debug(6600): 12/09/22 11:44:40:093 NetworkConnectionMonitorThread: route change detected. Wait for 3 seconds.
(P5544-T4240)Debug(5173): 12/09/22 11:44:40:094 Found virtual IP route entry
(P5544-T4240)Debug(5936): 12/09/22 11:44:40:094 No change for gateway route
(P5544-T10840)Debug( 917): 12/09/22 11:44:40:231 HandleDnsCallback: failed to parse dns req packet.
(P5544-T10840)Debug( 917): 12/09/22 11:44:40:262 HandleDnsCallback: failed to parse dns req packet.
(P5544-T4240)Debug(6661): 12/09/22 11:44:43:114 NetworkConnectionMonitorThread: m_state = 0, m_bOnDemand=1, m_bAgentEnabled=1, m_bJustResumed is 0,
m_bHibernate is 0, m_bAgentEnabled is 1, m_bDisconnect is 0, IsConnected() is 1, IsVPNInRetry() is 0.
(P5544-T4240)Debug(5173): 12/09/22 11:44:43:116 Found virtual IP route entry
(P5544-T4240)Debug(5936): 12/09/22 11:44:43:116 No change for gateway route
(P5544-T4240)Debug(6696): 12/09/22 11:44:43:116 NetworkConnectionMonitorThread: Detected route change, but skip network discovery.
(P5544-T4240)Debug(5048): 12/09/22 11:44:43:117 Wait for virtual interface IP route entry 10.11.160.66
(P5544-T4240)Debug(5062): 12/09/22 11:44:43:117 Found virtual interface IP route entry.
(P5544-T4240)Debug(4878): 12/09/22 11:44:43:117 des=10.1.0.0, mask=255.255.0.0, nextHop=10.11.160.66, ifidx=3, forwardType=3, forwardProto=3, age=0, nextHopAs=0, matrix=1,0,0,0,0
(P5544-T4240)Debug(2220): 12/09/22 11:44:43:117 number of route is 64
(P5544-T4240)Debug(2238): 12/09/22 11:44:43:127 Set route successfully. ForwardDest = 10.1.0.0, metric 1.
(P5544-T4240)Debug(2238): 12/09/22 11:44:43:230 Set route successfully. ForwardDest = 104.16.51.111, metric 1.
(P5544-T4240)Debug(2238): 12/09/22 11:44:43:326 Set route successfully. ForwardDest = 18.246.31.138, metric 1.
(P5544-T4240)Debug(2238): 12/09/22 11:44:43:430 Set route successfully. ForwardDest = 52.86.98.138, metric 1.
(P5544-T10840)Debug( 917): 12/09/22 11:44:53:449 HandleDnsCallback: failed to parse dns req packet.
(P5544-T10840)Debug( 917): 12/09/22 11:44:53:777 HandleDnsCallback: failed to parse dns req packet.

1 accepted solution

Accepted Solutions

L4 Transporter

Hello @vij 

 

How's it going. I recommend use and test with the Global protect Client version recommended by TAC

 

Check this link: https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-...

 

Cheers

High Sticker

View solution in original post

2 REPLIES 2

L4 Transporter

Hello @vij 

 

How's it going. I recommend use and test with the Global protect Client version recommended by TAC

 

Check this link: https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-...

 

Cheers

High Sticker

L1 Bithead

Another errors also found

 

(P5500-T14648)Debug( 166): 11/29/22 09:53:19:599 Trying to do ipsec connection to 4.53.26.80[4501]
(P5500-T14648)Debug( 487): 11/29/22 09:53:19:599 socket send buffer old size is 65536
(P5500-T14648)Debug( 511): 11/29/22 09:53:19:599 socket send buffer new size is 3145728
(P5500-T14648)Debug( 564): 11/29/22 09:53:19:606 Network is reachable
(P5500-T14648)Info ( 178): 11/29/22 09:53:19:606 Connected to: 4.53.26.80[4501], Sending keep alive to ipsec socket...
(P5500-T14648)Info ( 221): 11/29/22 09:53:25:617 failed to receive keep alive
(P5500-T14648)Debug( 229): 11/29/22 09:53:25:617 IPSec anti-replay statistics: outside window count 0, replay count 0
(P5500-T14648)Debug( 231): 11/29/22 09:53:25:617 Disconnect udp socket
(P5500-T14648)Info ( 364): 11/29/22 09:53:25:617 Connecting to 4.53.26.80 failed
(P5500-T14648)Debug( 768): 11/29/22 09:53:25:617 Retry connect failed second time
(P5500-T14648)Debug( 921): 11/29/22 09:53:25:617 Tunnel retry done: failed retry
(P5500-T14648)Info ( 936): 11/29/22 09:53:25:617 Before ProcMonitor quit, disconnect vpn
(P5500-T14648)Debug(11009): 11/29/22 09:53:25:617 m_preUsername jweaver
(P5500-T14648)Debug(1441): 11/29/22 09:53:25:617 m_msp->IsVPNConnected() is 0, CControlManager::GetInstance()->IsInRetry() is 0
(P5500-T14648)Debug(7068): 11/29/22 09:53:25:617 --Set state to Disconnecting...
(P5500-T14648)Info (2681): 11/29/22 09:53:25:617 Disconnect(VPN timeout) called
(P5500-T8488)Debug(4533): 11/29/22 09:53:25:617 LifeTimeThread receives m_hExitLifeTimeThreadEvent
(P5500-T8488)Debug(4561): 11/29/22 09:53:25:617 LifeTimeThread quits
(P5500-T14648)Debug( 822): 11/29/22 09:53:25:617 vpn disconnect

 

Reference case in Jira 

  1. PAN-181116
  • 1 accepted solution
  • 1994 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!