GP 在网关列表下选择“最佳可用”时不连接。

18420

Created On 07/06/21 04:24 AM - Last Modified 05/17/23 03:28 AM

Symptom

-GP从列表中选择外部网关时连接成功。
- 然而，GP在网关下选择“最佳可用”后不会连接，如下所示。

可以提供的最好的 GP 未连接到最佳可用

PanGPS.log :

(T316)Debug(8316): 07/06/21 04:06:20:834 ----Portal Login starts----
...

(T316)Debug( 814): 07/06/21 04:06:21:006 REGION-PRIO, gateway 0(Gateway-1), 0, region = Any, priority = 0, portalRegion=192.168.0.0-192.168.255.255
(T316)Debug( 413): 07/06/21 04:06:21:006 REGION-PRIO, regioncode=192.168.0.0-192.168.255.255, return priority 0, bManual=1
(T316)Debug( 814): 07/06/21 04:06:21:006 REGION-PRIO, gateway 1(Gateway-2), 0, region = Any, priority = 0, portalRegion=192.168.0.0-192.168.255.255
(T316)Debug( 413): 07/06/21 04:06:21:006 REGION-PRIO, regioncode=192.168.0.0-192.168.255.255, return priority 0, bManual=1
(T316)Debug( 814): 07/06/21 04:06:21:006 REGION-PRIO, gateway 2(Gateway-3), 0, region = Any, priority = 0, portalRegion=192.168.0.0-192.168.255.255
(T316)Debug( 413): 07/06/21 04:06:21:006 REGION-PRIO, regioncode=192.168.0.0-192.168.255.255, return priority 0, bManual=1
(T316)Debug( 814): 07/06/21 04:06:21:006 REGION-PRIO, gateway 3(Gateway-4), 0, region = Any, priority = 0, portalRegion=192.168.0.0-192.168.255.255
(T316)Debug( 413): 07/06/21 04:06:21:006 REGION-PRIO, regioncode=192.168.0.0-192.168.255.255, return priority 0, bManual=1


(P116-T2276)Debug(6895): 07/06/21 04:52:16:731 --Set state to Discovering network...
(P116-T8484)Debug(5321): 07/06/21 04:52:16:731 CaptivePortalDetectionThread: IsDetectingCaptivePortal=1, PreLoginIsDone=0
(P116-T8484)Debug(5298): 07/06/21 04:52:16:731 CaptivePortalDetectionThread: wait (2000 ms) for captive portal detection event.
(P116-T2276)Debug(5647): 07/06/21 04:52:16:731 Logout gateways before network discover..., bJustResumed=0
(P116-T2276)Debug(1390): 07/06/21 04:52:16:731 Logging out gateway, reason is Network discover
(P116-T2276)Debug(1429): 07/06/21 04:52:16:731 Logging out gateway over
(P116-T2276)Debug( 330): 07/06/21 04:52:16:731 Parse gateway list for user gpuser
(P116-T2276)Debug(12930): 07/06/21 04:52:16:731 RetrieveClientIpByRemoteHost() - invalid remote host: .
(P116-T2276)Debug( 196): 07/06/21 04:52:16:731 SelectInternalGateways - failed to retrieve client source ipv6!
(P116-T2276)Debug(5473): 07/06/21 04:52:16:731 Gateway 192.168.168.61(test): ipv4 192.168.168.61, ipv6 , FQDN no
(P116-T2276)Debug( 350): 07/06/21 04:52:16:731 All external gateways are manual only                        <<<<<<<<<<<<<
(P116-T2276)Debug(5670): 07/06/21 04:52:16:731 Set network discover in progress
(P116-T2276)Debug(4215): 07/06/21 04:52:16:731 UpdatePrelogonStateForSSO() - tunnel state = Connecting
(P116-T2276)Debug(5737): 07/06/21 04:52:16:731 NetworkDiscoverThread: network type is external.
(P116-T2276)Debug(5810): 07/06/21 04:52:16:731 NetworkDiscoverThread: Discover external network.
(P116-T2276)Debug(5835): 07/06/21 04:52:16:731 On-demand mode, all external gateways are manual only        <<<<<<<<<<<<<
(P116-T2276)Debug(6895): 07/06/21 04:52:16:731 --Set state to Disconnected
(P116-T3340)Debug(2427): 07/06/21 04:52:16:731 Setting debug level to 5
(P116-T2276)Debug(5939): 07/06/21 04:52:16:747 NetworkDiscoverThread: PortalStatus is 1, HasLoggedOnGateway is 0
(P116-T2276)Debug(5962): 07/06/21 04:52:16:747 Network discovery is not ready, set GP VPN status as disconnected
(P116-T2276)Debug(11228): 07/06/21 04:52:16:747 SetVpnStatus called with new status=0, Previous Status=0
(P116-T2276)Debug(4215): 07/06/21 04:52:16:747 UpdatePrelogonStateForSSO() - tunnel state = Disconnected
(P116-T2276)Debug(5976): 07/06/21 04:52:16:747 All external gateways are manual only.                        <<<<<<<<<<<<<
(P116-T2276)Debug(6895): 07/06/21 04:52:16:747 --Set state to Discovery complete

Environment

通常这个问题会在所有PAN OS和GP客户端版本。

Cause

当所有外部网关的优先级都配置为“仅手动”时会发生这种情况，如下所示：
外部网关列表

Resolution

配置至少 1 个具有最高/高/中/低/最低优先级的外部网关。

GP 在网关列表下选择“最佳可用”时不连接。

Symptom

Environment

Cause

Resolution

Other users also viewed: