Prisma Access:Global Protect users unable to access internet or internal applications when connected to France Gateways
792
Created On 04/23/25 21:10 PM - Last Modified 05/09/25 20:01 PM
Symptom
- Users unable to access internet or internal applications when connected France Gateways
- OpenDNS is configured as DNS resolver in the Gateways
- Users unable to perform a DNS lookup in France region connection
- DNS lookup failed
- DNS queries receive "Refused" messages
- The DNS response in packet capture shows the following message
-
- "The OpenDNS service is currently unavailable in France and some French territories due to a court order under Article L.333-10 of the French Sport Code. See https://support.opendns.com/hc/en-us"
Environment
- Prisma Access
- Cisco Umbrella
- OpenDNS
- Global Protect
- Mobile Users
Cause
- Gateways are configured to forward the DNS requests to the OpenDNS (ex : Cisco Umbrella)
- The OpenDNS (Cisco Umbrella) service is not available in France and some of its territories due to a court order.
- This restriction prevented DNS resolution for users connected to France Global protect Gateways, resulting in an inability to access internet or internal applications.
Resolution
- There is no resolution for this until the restrictions are removed.
- Explore alternative DNS solutions or work within the current limitations.
Additional Information
- Reference : OpenDNS Service Not Available To Users In France and Portugal
- Note: As per the recent update OpenDNS service has been reactivated in Portugal, France still has the problem.