About andrewwww

@SubaMuthuram   please use another version swan plugin   did it worked for you   ... View more

@nikoolayy1 wrote: As with prisma access only Palo Alto can do packet capture, check counters or flow logs the only thing you can check is the globalprotect agent PanGPS/PanGPA logs and on Panorma the Globalprotect logs. Also you can check the Portal config there is anything special for MAC devices as they can have a seperate policy even without HIP being enabled.     https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-apps/deploy-the-globalprotect-app-software/view-and-collect-globalprotect-logs     Also I don't renember if you could do a policy trace for Prisma Access on the Panorama as yoiu may have some security policy blocking the vpn for UK for MAC devices for example   Also it is interesting where your cortex data lake is located if this could be related but maybe not as palo alto would have seen this. Ohh thanks for the information sir, @AaronRedd wrote: It turns out the UK gateway received a #.#.#.0 address, which is a valid IP based on the subnet mask, but something in the way that Mac's handle this is as if it's a broadcast address.  Palo Alto ended up changing the backend IP to an IP that did not end in zero.  what, That i really don't known ... View more