Users are not visible when connect to Portal clientless VPN
11405
Created On 03/31/20 17:06 PM - Last Modified 09/09/25 06:56 AM
Symptom
-
Users are able to connect to internal resources via Global Protect Clientless. However, Firewall does not show any users connected to Portal
Network > Global Protect > Portal. Portal does not show any users connected under "current users"
- From CLI, run following command:
> show global-protect-portal current-user portal Portal filter-user user <username> Could not find matching user sessions or > show global-protect-portal current-user portal Portal filter-user all-users Could not find matching user sessions
- The output of the command tells us there is no users connected
- Also run the following command to make sure clientless VPN tunnel are not run out
> show global-protect-portal statistics GlobalProtect Portal : Portal Vsys-Id : 0 Total sessions : 45 Total current valid sessions : 9 Total timed out sessions : 30 Truncated cookie cache : 0 Failed to send msg MP -> DP : 0 Invalid Session req from DP -> MP : 3 Sess CK valid MP->DP : 0 CK Update for domain MP -> DP : 0 Set-CK Update DP -> MP : 137 Session update DP -> MP : 2365
- You can see that there are current session established in Portal
Environment
- NGFW
- PANOS 9.x
- GlobalProtect Portal Clientless VPN
Cause
- Portal Table ID is corrupted and resolution is to create a new Portal using the same configuration from corrupted Portal.
- Do NOT clone Portal since it may copy the corrupted file.
Resolution
Steps to create a new Portal
- Make sure to open a maintenance window to make these changes
- Create a snapshot of the configuration under: Device > Setup> Operations
- Create another Portal with different name and copy all configurations manually from corrupted Portal to new Portal
- Disable old Portal and commit
- Test it