About a.jones

Hi All,   I have configured split tunnel for O365 but I have an issue that I can't seem to nail. All seem to be working except when I open Outlook I get a connection error. I have all the URLs and IPs specified by Microsoft in the split tunnel configuration but it still does not work. Strange thing is if I open outlook before the Globalprotect connection, Outlook remains connected and I can refresh the connection using the Connection Status reconnect without an issue, the moment I close down Outlook and re-open it I get the error?   I have a TAC case raised but thought the community may have an idea what's going on. Any clues?   TIA   Regards   Adrian ... View more

Hi All Trying to get a path working for an Avaya solution. I can see in the log that SIP traffic is flowing without issue. When the user tries to make a call I should see some UDP traffic within a specified range but I do not see it in the logs.   I have performed a packet capture and I can see that the UDP traffic, showing as RTP, is being dropped but I cannot fathom out why. There is a specific policy for this and traffic levels shouldn't kick in UDP overflow. I feel it may be the SIP ALG which is turned on but unsure if that is the specific answer.   Any ideas? Has anyone experienced this before?   Regards   Adrian ... View more

Hi All,   We have a problem with the report data on Solarwinds. We are running a multi-vsys Palo Alto 5220 with bgp connectivity to a router and need to run bandwidth reports on all vsys. All Vsys have at least 2 BGP Peering for inside and outside on 2 AE's, each assigned a particular Vlanif.  All reports seemed to look good but one person is saying one of the reports is reporting too little usage. On a particular vsys we are seeing bandwidth peaking at around 60Mb in the day. When I monitor the Router interface for that particular Vlanif I get a peak of around 600Mb which I am told is expected usage.   I can't see anything that would give this problem. We have configured a standard snmpv3 setup, monitoring on the relevant interfaces and vlanifs. I have looked at the reporting on a second pair of Palo Altos we have which reports around 350Mb at eak which is expected.   Has anyone seen this before and have a solution? Monitoring on the router is not ideal as I can't break down the traffic to Globalprotect, VPNS etc.   Regards   Adrian ... View more

Hi All,   I'm trying to configure a Floating IP for a VPN on an Active-Active pair of 5220's. I have the Floating IP configured with the Active-Primary Device Priority 1 and Active-Secondary with Device Priority 100. The Interface IPs for both devices are in different subnets to the Floating IP.   When I ping the floating IP from home, I see a log entry on the device for the ping but I never get a response from the ping.   Any idea's?   Regards   Adrian ... View more

Hi All,   I have recently configured a clientless vpn for a customer but the solution needs client certificates for the users to log in with a browser. Is there a way I can make this an authentication only solution with no client certificate requirement?   The GlobalProtect configuration is configured and working for staff members using PreLogon successfully. The clientless VPN is configured within this portal configuration. Authentication is only possible for users in the ldap group.   It all works but the client was no client certificate. Any resolution must not break the current PreLogon Globalprotect.   Regards   Adrian ... View more