什么时候在 PanGPS.log 中看到日志URL过滤块GlobalProtect联系?
8579
Created On 06/15/22 04:17 AM - Last Modified 05/02/23 06:21 AM
Question
什么时候在 PanGPS.log 中看到日志URL过滤块GlobalProtect联系?
Environment
- 帕洛阿尔托防火墙
- Prisma Access - Mobile Users
- 支持的 PAN-OS
- GlobalProtect (GP )
- PanGPS.log 输出。
Answer
什么时候GP用户因以下原因断开连接URL过滤器阻塞GlobalProtect连接, PanGPS.log文件显示了下面列出的一些典型输出。
(P5072-T25004)Debug( 564): 04/07/22 08:28:08:830 Network is reachable
(P5072-T25004)Debug(1270): 04/07/22 08:28:08:913 Failed to X509_LOOKUP_load_file
(P5072-T25004)Error( 113): 04/07/22 08:28:08:923 sslvpn connection received unexpected message: (511) HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=UTF-8
Content-Length: XXXX
Connection: close
P3P: CP="CAO PSA OUR"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
<!DOCTYPE html>
<html lang="en">
<head>
<base href="/login/">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=.85">
(P5072-T25004)Debug(1346): 04/07/22 08:28:08:923 OpenSSL alert write:warning:close notify
(P5072-T25004)Info ( 364): 04/07/22 08:28:08:923 Connecting to xxx.xxx.xxx.xxx failed
(P5072-T25004)Info ( 276): 04/07/22 08:28:08:923 Start vpn do_connect() failed
Additional Information
要解决此问题,请检查URL过滤设置允许GlobalProtect连接。