Saucepan

User Tools

Site Tools

Trace: restart_panos unlock_accounts sidewinder import_firewall_into_panorama minemeld job_information global_protect certificates pan_configurator azure
paloaltonetworks:troubleshooting:global_protect

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
paloaltonetworks:troubleshooting:global_protect [2020/05/29 09:34] bstaffordpaloaltonetworks:troubleshooting:global_protect [2022/11/23 12:49] (current) – external edit 127.0.0.1
Line 6: Line 6:
  
 ===== PanGP Service Logs ===== ===== PanGP Service Logs =====
- 
- 
  
 **Sections of Service Logs** **Sections of Service Logs**
-  * ----portal processing starts----+  * ''----portal processing starts----''
     * Portal portal.example.local, user user, logonDomain DOMAIN, saved user user, path C:\Users\user\AppData\Local\Palo Alto Networks\GlobalProtect\     * Portal portal.example.local, user user, logonDomain DOMAIN, saved user user, path C:\Users\user\AppData\Local\Palo Alto Networks\GlobalProtect\
     * Portal's ipv4 address 10.1.1.1     * Portal's ipv4 address 10.1.1.1
     * CaptivePortalDetectionThread: wait (2000 ms) for captive portal detection event.     * CaptivePortalDetectionThread: wait (2000 ms) for captive portal detection event.
-  * ----Portal Pre-login starts---- +  * ''----Portal Pre-login starts----'' 
-  * ----Portal Login starts---- +  * ''----Portal Login starts----'' 
-  * ----Network Discover starts---- +  * ''----Network Discover starts----'' 
-  * --Set state to Discovering network... +    ''--Set state to Discovering network...'' 
-  * * * Process gateway: host gw.example.local, description gw.example.local +      * Process gateway: host gw.example.local, description gw.example.local 
-  * * * Gateway gw.example.local ipv4 address is 10.1.1.1 +      * Gateway gw.example.local ipv4 address is 10.1.1.1 
-  * * * Gateway gw.example.local: ipv4 10.1.1.1, ipv6 , FQDN yes +      * Gateway gw.example.local: ipv4 10.1.1.1, ipv6 , FQDN yes 
-  * * * Set network discover in progress +      * Set network discover in progress 
-  * * * No ipv6 internal host detection. +      * No ipv6 internal host detection. 
-  * * * IP 10.1.1.254  +      * IP 10.1.1.254  
-  * * * host ihd.example.local  +      * host ihd.example.local  
-  * * * DnsQuery returns 0 +      * DnsQuery returns 0 
-  * * * Resolved 254.1.1.10.in-addr.arpa for internal host detection with return value 0 +      * Resolved 254.1.1.10.in-addr.arpa for internal host detection with return value 0 
-  * * * The host name is ihd.example.local  +      *The host name is ihd.example.local  
-  --Set state to Discovery complete+    ''--Set state to Discovery complete'' 
 + 
 +===== Users Connecting with SSL ===== 
 +Get a log file dump from the endpoint GlobalProtect and open the ''PanGPS.log'' file. 
 + 
 +Look for the following to explain why SSL is being used  
 +<code>Debug( 463): Network is reachable 
 +Info ( 174): Connected to: 1.2.3.4[4501], Sending keep alive to ipsec socket... 
 +Info ( 217): failed to receive keep alive 
 +Debug( 226): Disconnect udp socket  
 +Info ( 307): Connecting to 1.2.3.4 failed 
 +Info ( 226): Start vpn do_connect() failed 
 +Debug( 281): do_disconnect is called in VPN stop 
 +Debug( 485): ipsec failed to start</code> 
  
 +===== Check Endpoint CLient is Running =====
 +For Macs perform the following (Via Terminal):
 +<code>netstat -an | grep 4767</code>
 +For Windows, perform the following (Via CLI):
 +<code>netstat -an | find "4767"</code>
  
  
  
paloaltonetworks/troubleshooting/global_protect.1590744859.txt.gz · Last modified: (external edit)