Traffic from Subnets Not Coming to Firewall - GlobalProtect Gateway
Symptom
Resolution
For full tunneling, enter 0.0.0.0/0 as the access route. The benefit of this configuration is that you have visibility into all client traffic and you can ensure that clients are secured according to your policy even when they are not physically connected to the LAN.
In this configuration, traffic destined for the local subnet goes through the physical adapter, rather than being tunneled to the gateway.
Even though you have configured the access route 0.0.0.0/0, it may happen that traffic for certain subnets never reaches the Palo Alto Networks firewall, because those subnets have a more specific match in the client's local routing table, and a more specific route always wins over the default route. There are two ways to address this:
- Either use more specific access routes for split tunneling
- Or use a feature introduced in PAN-OS 7.0.x and later
The feature in PAN-OS 7.0.x is the "No direct access to local network" check box under the gateway configuration. Selecting it prevents users from sending traffic to proxies or local resources, such as a home printer.
When the tunnel is established, all traffic is then routed through the tunnel where it's subject to policy enforcement by the firewall. All traffic comes through the tunnel and the local routing table is ignored.
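The following is an added example, not part of this article or of any Palo Alto Networks code, that models the longest-prefix-match behaviour described above on a constructed client routing table. The subnet 192.168.1.0/24, the interface names "tunnel" and "physical", and the corporate host address 192.168.1.50 are all assumptions chosen for illustration. It shows why a destination in the connected subnet bypasses the 0.0.0.0/0 access route, how a more specific access route pulls that destination back into the tunnel, and how ignoring the local routes (the effect of "No direct access to local network") sends everything through the tunnel.

```python
import ipaddress

# Constructed routing table for a GlobalProtect client (assumed values, not from the article).
# Each entry is (destination prefix, outgoing interface). The default route points at the
# tunnel; the connected home LAN points at the physical adapter.
CLIENT_ROUTES = [
    ("0.0.0.0/0", "tunnel"),
    ("192.168.1.0/24", "physical"),  # connected home LAN, installed by the OS
]


def select_route(dest_ip, routes):
    """Return the interface chosen by longest-prefix match.

    The most specific matching prefix wins; on an equal prefix length the first
    entry in the table is kept (a real stack would break the tie on metric).
    """
    dest = ipaddress.ip_address(dest_ip)
    best_net, best_iface = None, None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix, strict=False)
        if dest in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_iface = net, iface
    return best_iface


def with_specific_access_route(routes, prefix):
    """Model the first fix: add a more specific access route via the tunnel,
    so it outranks the connected /24 for the hosts it covers."""
    return routes + [(prefix, "tunnel")]


def with_local_access_blocked(routes):
    """Model the second fix ('No direct access to local network'): the local
    routes are no longer consulted, so only tunnel routes remain."""
    return [(p, i) for p, i in routes if i == "tunnel"]


def demo():
    """Return the interface chosen for a corporate host that collides with the home LAN."""
    corp_host = "192.168.1.50"  # assumed corporate address overlapping the home subnet
    return {
        "default_only": select_route(corp_host, CLIENT_ROUTES),
        "specific_route": select_route(
            corp_host, with_specific_access_route(CLIENT_ROUTES, "192.168.1.50/32")
        ),
        "local_blocked": select_route(corp_host, with_local_access_blocked(CLIENT_ROUTES)),
        "internet_host": select_route("203.0.113.10", CLIENT_ROUTES),
    }


if __name__ == "__main__":
    for case, iface in demo().items():
        print(f"{case}: {iface}")
```

Running the block shows the default-only case selecting the physical adapter for 192.168.1.50 (the firewall never sees that traffic), while both fixes select the tunnel; a non-overlapping Internet host goes through the tunnel in every case. The first fix only covers the prefixes you add, so it leaves the rest of the home LAN reachable directly, which is the split-tunnel behaviour the article describes; the second fix removes all local reachability, matching the printer example above.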