cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who Me Too'd this topic

Issue with Global protect VPN

L3 Networker

We have one user who unable to connect to Global protect VPN after windows update,

 

- We have tried installing different versions of Global protect

 

-Issue is not with ISP as another person using the same network is able to connect on different machine

 

- With this user machine, even my test id does not work, so not an issue with authentication

 

On the PA-220, I can see the connection attempts coming through and it automatically disconnects shortly after:

0 (17).png

- We are able to ping the portal from client workstation

- We ae able to perform a nslookup from the client pc for the portal address and it works fine

-we can open portal in the browser fine

-No issue with the certificate

-we disabled local machine antivirus and firewall and made no difference

-connection is set to IPsec

-we are using active directory authentication 

-just this one machine is not working

-We have tried deleting GP completely multiple times and reinstalling

 

 

PANGPA logs

 

response>
<type>status</type>
<status>Disconnected</status>
<protocol/>
<portal-config-version>4100</portal-config-version>
<error-must-show/>
<error-must-show-level>error</error-must-show-level>
<error/>
<product-version>5.2.6-87</product-version>
<product-code>&quot;{8F424B9B-AA2C-478A-A56B-E49BAE6B35E8}&quot;</product-code>
<portal-status>Connected</portal-status>
<user-name>pkcg-tn</user-name>
<username-type>regular</username-type>
<state>Connecting...</state>
<check-version>no</check-version>
<portal>vpn.wilkinsonshaw.com.au:4443</portal>
<discover-ready>no</discover-ready>
<mdm-is-enabled>no</mdm-is-enabled>
<gateway-list name="gateway-list" type="external" user="pkcg-tn">
<entry>
<gateway>vpn.wilkinsonshaw.com.au:4443</gateway>
<tunnel>no</tunnel>
<description>VPN Gateway</description>
<allow-tunnel>yes</allow-tunnel>
<passwd-expire-days>-1</passwd-expire-days>
<pre-vpn-connect-error>_</pre-vpn-connect-error>
<priority>1</priority>
<internal>no</internal>
<authenticated>yes</authenticated>
</entry>
</gateway-list>
<cdl-log>no</cdl-log>
</response>

(P11640-T10688)Debug( 231): 06/08/21 21:36:26:871 CPanParserWin::responseToUI() is called for status event.
(P11640-T10688)Debug( 393): 06/08/21 21:36:26:871 Receive gps message with type status.
(P11640-T10688)Debug( 325): 06/08/21 21:36:26:871 ===> response sent to GPI = <response><type>status</type><state>Connecting...</state><error></error><disabled>no</disabled></response>
(P11640-T10688)Debug( 121): 06/08/21 21:36:26:951 Received data from Pan Service
(P11640-T10688)Debug( 276): 06/08/21 21:36:26:951 message type from the service = h
<?xml version="1.0" encoding="UTF-8"?>
<response>
<type>https_request</type>
<status>Disconnected</status>
<protocol/>
<portal-config-version>4100</portal-config-version>
<error-must-show/>
<error-must-show-level>error</error-must-show-level>
<error/>
<product-version>5.2.6-87</product-version>
<product-code>&quot;{8F424B9B-AA2C-478A-A56B-E49BAE6B35E8}&quot;</product-code>
<portal-status>Connected</portal-status>
<user-name>pkcg-tn</user-name>
<username-type>regular</username-type>
<state>Connecting...</state>
<check-version>no</check-version>
<portal>vpn.wilkinsonshaw.com.au:4443</portal>
<discover-ready>no</discover-ready>
<mdm-is-enabled>no</mdm-is-enabled>
<https-request>REQID=6,IPADDR=vpn.wilkinsonshaw.com.au,PORT=4443,URL=/ssl-vpn/getconfig.esp,POST=1,POSTDATA=&quot;1bbf7a1d4bb5a509bb9183c0afae0148748fed4a9949771ed4ffa58063ce1f9e0cd09c1390912d734766bb8c869cec636597b09090400f682ab05672854013ce4f05e3bec1545c4abdf0ebfcb6cded1ffd888b1241aacf5b74ade82d743692e6459a88c7e45bdcd1358518e0aff148b14daa31c6b79ea86a7a463e694f90b480afcd5f7c93785c5b941b96151e7e30d9ca95f9c481907ae8c33e21289f2809c6dc77ece72471e95d1fe78799444014f9b70fce0d241d191e8e4937e28df76a6f1d9291cb79f30f52a8e9d0e704784b78c7261d4ff5dff68ff3710b7481cba99bb4247a6fa14f2546e312ddbed0e7bc53cbbf6b98e6edae917a697708b68efe24fa578f72ad6a7249949c14eea84d95d5e54599cba3bcf316580743d1b62125256af5000e268dde63a087870484a6b95d1916d033444825fa94a035daff215e7d7b96458ac1aa467ad6da0649f0a37157da5212f18f476af9e1da91f9b817ca603a3d6f1ee5cec62a769250c59cec9bb6cc751357e52545ad3fb390d11206c875e7e72390a60e7688c3c52279012e4b61&quot;,PROXY_AUTO=1,PROXY_CFGURL=NULL,PROXY=NULL,PROXY_BYPASS=NULL,PROXY_USER=NULL,PROXY_PASS=NULL,VERIFY_CERT=0,ADDITIONAL_CHECK=1,SCEP_CERT=NULL,OID=</https-request>
</response>

(P11640-T10688)Debug( 393): 06/08/21 21:36:26:951 Receive gps message with type https_request.
(P11640-T10688)Debug( 325): 06/08/21 21:36:26:951 ===> response sent to GPI = <response><disabled>no</disabled></response>
(P11640-T19728)Debug(4277): 06/08/21 21:36:26:951 OID is (null)
(P11640-T19728)Debug(5172): 06/08/21 21:36:26:951 DecodePostData, encPostDataLen = 800, outLen=393
(P11640-T19728)Debug( 622): 06/08/21 21:36:26:951 agentName is PAN GlobalProtect/5.2.6-87 (Microsoft Windows 10 Home , 64-bit) Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0; Zoom 3.6.0)
(P11640-T19728)Debug( 772): 06/08/21 21:36:26:951 REUSE, reuse connection 000001BEDB8951F0, m_server=vpn.wilkinsonshaw.com.au, port=4443
(P11640-T19728)Info (3368): 06/08/21 21:36:26:951 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_HANDLE_CREATED, this=000001B6DA30F3F0)
(P11640-T19728)Debug( 909): 06/08/21 21:36:26:951 setReceiveTimeOut, set time out to 30000 ms
(P11640-T19728)Debug( 957): 06/08/21 21:36:26:951 setConnectTimeOut, set time out to 60000 ms
(P11640-T19728)Debug( 939): 06/08/21 21:36:26:951 kerberos, set HTTP_OPTION_AUTOLOGON_POLICY success
(P11640-T19728)Info (4377): 06/08/21 21:36:26:951 winhttpObj->SendRequest, first try
(P11640-T19728)Info (2118): 06/08/21 21:36:26:951 winhttpObj, SendRequest, m_clientCertName=(null), bIngoreClientCert=0
(P11640-T13644)Info (3368): 06/08/21 21:36:26:951 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_SENDING_REQUEST, this=000001B6DA30F3F0)
(P11640-T13644)Info (3368): 06/08/21 21:36:26:951 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_REQUEST_SENT, this=000001B6DA30F3F0)
(P11640-T13644)Info (3368): 06/08/21 21:36:27:021 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_SENDING_REQUEST, this=000001B6DA30F3F0)
(P11640-T13644)Info (3368): 06/08/21 21:36:27:021 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_REQUEST_SENT, this=000001B6DA30F3F0)
(P11640-T13644)Info (3368): 06/08/21 21:36:27:021 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_SENDREQUEST_COMPLETE, this=000001B6DA30F3F0)
(P11640-T19728)Debug(2180): 06/08/21 21:36:27:021 got request sent event, exit wait loop now
(P11640-T19728)Debug(1622): 06/08/21 21:36:27:021 DC, hCertStroe=000001BEDB914A80, cert length=1506, cert content=000001B6DA312BB0, dwVersion=48
first 16 bytes:
82 05 de 30 82 04 c6 a0 03 02 01 02 02 11 00 02
signatureAlgorithm(1.2.840.113549.1.1.11, 2 bytes)
issuer: (146,GB, Greater Manchester, Salford, Sectigo Limited, Sectigo RSA Domain Validation Secure Server CA)
subject: (37,vpn.wilkinsonshaw.com.au)
public key Algorithm: 1.2.840.113549.1.1.1, length=270

(P11640-T19728)Debug(1626): 06/08/21 21:36:27:021 DC, get one certificate 000001BEDB98A2E0
(P11640-T19728)Debug(1637): 06/08/21 21:36:27:021 The length of the serialized string is 1708.
(P11640-T19728)Debug(1657): 06/08/21 21:36:27:021 The encoded element has been serialized.
(P11640-T19728)Debug(1675): 06/08/21 21:36:27:031 SerializeServerCert(): wrote 1708 of 1708 bytes to file C:\Users\Kenmore\AppData\Local\Palo Alto Networks\GlobalProtect\ServerCert.pan.
(P11640-T19728)Debug(1502): 06/08/21 21:36:27:031 DC, dump server certificate now
(P11640-T19728)Debug(1543): 06/08/21 21:36:27:031 DC, read 1708 of 1708 bytes from file C:\Users\Kenmore\AppData\Local\Palo Alto Networks\GlobalProtect\ServerCert.pan.
(P11640-T19728)Debug(1408): 06/08/21 21:36:27:031 DC, exportFirstCert
(P11640-T19728)Debug(1485): 06/08/21 21:36:27:031 DC, could not find right property id, last error=80092004
(P11640-T19728)Debug(1263): 06/08/21 21:36:27:031 Check server certificate revocation returns TRUE
(P11640-T19728)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_RECEIVING_RESPONSE, this=000001B6DA30F3F0)
(P11640-T19728)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_RESPONSE_RECEIVED, this=000001B6DA30F3F0)
(P11640-T19728)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_HEADERS_AVAILABLE, this=000001B6DA30F3F0)
(P11640-T19728)Debug(2366): 06/08/21 21:36:27:031 got header ready event, exit wait loop now
(P11640-T19728)Info (2432): 06/08/21 21:36:27:031 http request status code = 200
(P11640-T19728)Debug(2598): 06/08/21 21:36:27:031 winhttpObj, 1576 data in content report from header
(P11640-T19728)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_DATA_AVAILABLE, this=000001B6DA30F3F0)
(P11640-T19728)Debug(3395): 06/08/21 21:36:27:031 winhttpObj, 276 data avail now, remain in read buffer is 1576!
(P11640-T19728)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_READ_COMPLETE, this=000001B6DA30F3F0)
(P11640-T19728)Debug(3427): 06/08/21 21:36:27:031 winhttpObj, 276 data already read now! m_dwread=276, m_dwRemain = 1300
(P11640-T13644)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_DATA_AVAILABLE, this=000001B6DA30F3F0)
(P11640-T13644)Debug(3395): 06/08/21 21:36:27:031 winhttpObj, 610 data avail now, remain in read buffer is 1300!
(P11640-T13644)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_READ_COMPLETE, this=000001B6DA30F3F0)
(P11640-T13644)Debug(3427): 06/08/21 21:36:27:031 winhttpObj, 610 data already read now! m_dwread=886, m_dwRemain = 690
(P11640-T20236)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_DATA_AVAILABLE, this=000001B6DA30F3F0)
(P11640-T20236)Debug(3395): 06/08/21 21:36:27:031 winhttpObj, 690 data avail now, remain in read buffer is 690!
(P11640-T20236)Info (3368): 06/08/21 21:36:27:031 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_READ_COMPLETE, this=000001B6DA30F3F0)
(P11640-T20236)Debug(3427): 06/08/21 21:36:27:031 winhttpObj, 690 data already read now! m_dwread=1576, m_dwRemain = 0
(P11640-T19728)Debug(5001): 06/08/21 21:36:27:050 send alive message now 1
(P11640-T17136)Debug( 611): 06/08/21 21:36:27:050 Send command to Pan Service
(P11640-T17136)Debug( 639): 06/08/21 21:36:27:050 Command = <request><type>pan_msg_ping</type><result>1</result></request>
(P11640-T17136)Debug( 691): 06/08/21 21:36:27:050 PanClient sent successful with 80 bytes
(P11640-T19728)Info (3368): 06/08/21 21:36:27:050 PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_HANDLE_CLOSING, this=000001B6DA30F3F0)
(P11640-T19728)Debug(3459): 06/08/21 21:36:27:050 handle db8ead20 closed
(P11640-T19728)Debug(3463): 06/08/21 21:36:27:050 REUSE, request closed
(P11640-T19728)Info ( 860): 06/08/21 21:36:27:050 wait for closing callback success!
(P11640-T17136)Debug( 611): 06/08/21 21:36:27:050 Send command to Pan Service
(P11640-T17136)Debug( 691): 06/08/21 21:36:27:050 PanClient sent successful with 3264 bytes
(P11640-T10688)Debug(1618): 06/08/21 21:36:32:496 Wait too long in connecting, display still working...
(P11640-T10688)Debug( 121): 06/08/21 21:36:34:270 Received data from Pan Service
(P11640-T10688)Debug( 608): 06/08/21 21:36:34:270 Current status is changed to 1.
(P11640-T10688)Debug( 174): 06/08/21 21:36:34:270 username field is not empty. not override the username.
(P11640-T10688)Debug( 203): 06/08/21 21:36:34:270 CPanBaseReceiver::HandleStatus - found discover-ready tag. value = n.
(P11640-T10688)Debug( 210): 06/08/21 21:36:34:270 CPanBaseReceiver::HandleStatus - found cdl-log tag. value = n.
(P11640-T10688)Debug( 274): 06/08/21 21:36:34:270 message type from the service = s
<?xml version="1.0" encoding="UTF-8"?>
<response>
<type>status</type>
<status>Disconnected</status>
<protocol/>
<portal-config-version>4100</portal-config-version>
<error-must-show/>
<error-must-show-level>error</error-must-show-level>
<error/>
<product-version>5.2.6-87</product-version>
<product-code>&quot;{8F424B9B-AA2C-478A-A56B-E49BAE6B35E8}&quot;</product-code>
<portal-status>Connected</portal-status>
<user-name>pkcg-tn</user-name>
<username-type>regular</username-type>
<state>Connection failed</state>
<check-version>no</check-version>
<portal>vpn.wilkinsonshaw.com.au:4443</portal>
<discover-ready>no</discover-ready>
<mdm-is-enabled>no</mdm-is-enabled>
<gateway-list name="gateway-list" type="external" user="pkcg-tn">
<entry>
<gateway>vpn.wilkinsonshaw.com.au:4443</gateway>
<tunnel>no</tunnel>
<description>VPN Gateway</description>
<allow-tunnel>yes</allow-tunnel>
<passwd-expire-days>-1</passwd-expire-days>
<priority>1</priority>
<internal>no</internal>
<authenticated>yes</authenticated>
</entry>
</gateway-list>
<cdl-log>no</cdl-log>
</response>

(P11640-T10688)Debug( 231): 06/08/21 21:36:34:270 CPanParserWin::responseToUI() is called for status event.
(P11640-T10688)Debug( 393): 06/08/21 21:36:34:270 Receive gps message with type status.
(P11640-T10688)Debug( 325): 06/08/21 21:36:34:270 ===> response sent to GPI = <response><type>status</type><state>Connection failed</state><error></error><disabled>no</disabled></response>
(P11640-T10688)Debug( 121): 06/08/21 21:36:34:501 Received data from Pan Service
(P11640-T10688)Debug( 608): 06/08/21 21:36:34:501 Current status is changed to -1.
(P11640-T10688)Debug( 174): 06/08/21 21:36:34:501 username field is not empty. not override the username.
(P11640-T10688)Debug( 203): 06/08/21 21:36:34:501 CPanBaseReceiver::HandleStatus - found discover-ready tag. value = n.
(P11640-T10688)Debug( 210): 06/08/21 21:36:34:501 CPanBaseReceiver::HandleStatus - found cdl-log tag. value = n.
(P11640-T10688)Debug( 274): 06/08/21 21:36:34:501 message type from the service = s
<?xml version="1.0" encoding="UTF-8"?>
<response>
<type>status</type>
<status>Disconnected</status>
<protocol/>
<portal-config-version>4100</portal-config-version>
<error-must-show/>
<error-must-show-level>error</error-must-show-level>
<error>The network connection is unreachable or the gateway is unresponsive. Check the network connection and reconnect.</error>
<product-version>5.2.6-87</product-version>
<product-code>&quot;{8F424B9B-AA2C-478A-A56B-E49BAE6B35E8}&quot;</product-code>
<portal-status>Connected</portal-status>
<user-name>pkcg-tn</user-name>
<username-type>regular</username-type>
<state>Disconnected</state>
<check-version>no</check-version>
<portal>vpn.wilkinsonshaw.com.au:4443</portal>
<discover-ready>no</discover-ready>
<mdm-is-enabled>no</mdm-is-enabled>
<gateway-list name="gateway-list" type="external" user="pkcg-tn">
<entry>
<gateway>vpn.wilkinsonshaw.com.au:4443</gateway>
<tunnel>no</tunnel>
<description>VPN Gateway</description>
<allow-tunnel>yes</allow-tunnel>
<passwd-expire-days>-1</passwd-expire-days>
<priority>1</priority>
<internal>no</internal>
<authenticated>no</authenticated>
</entry>
</gateway-list>

 

Who Me Too'd this topic