Globalprotect client pre-logon tunnel disconnects after improper termination of RDP session

Globalprotect client pre-logon tunnel disconnects after improper termination of RDP session

4656
Created On 05/27/22 13:11 PM - Last Modified 01/06/25 17:56 PM


Symptom


Pre-logon tunnel won't be established if the end user disconnects the RDP session prematurely

Environment


  • Globalprotect (GP) App
  • Supported GP App version
  • Pre-logon Connect Method
  • Windows OS

Cause


  • A pre-logon tunnel is only established if there is no logged-in user
  • The user connects to the remote machine via RDP and abruptly closes the RDP session without logging out of the Windows PC
  • Since the Windows session remains active, the GlobalProtect App does not establish a pre-logon tunnel in this scenario

Resolution


  1. If pre-logon tunnel is required then the end user must log off from the windows machine manually.
  2. The remote users can be queried and logged out by using the commands below.
  • Use QUser, command on windows to get a list of login sessions on the remote computer.
>QUser /server:ComputerName
  • Remotely log off any users on the list, using the command line Logoff with the remote session ID collected from QUser command.
>Logoff sessionID /server:ComputerName
  • Snippet of commands from Windows.
2022-05-30 17_38_32-WIN10-NEW.NET1.png
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CpktCAC&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language