GP and Verizon ISP

Anyone notice this last week issues with Global Protect vpn and Verison internet? I have a few Panasonic Toughbooks that have internal cellular cards that are VZ based. When on VPN none of them can phone home and pull up our internal company sharepoint or other internal sites. Then I have 2 other users who have home VZ internet experiencing similar problem.

We had to adjust the mtu for Verizon. I think we use 1300. We created a special group and place those users in that saml group, to pick that setting up. No reason everyone has to suffer. I have noticed that when using ipv6, it seems to work better without the mtu change. May be the GP client version too. With all the cve being discovered, we are constantly upgrading versions.

If they have IPv6 enabled, try disabling it

had to switch to SSL only for some user thad T-Mobile for home ISP.

this, maybe?

i use a 1300 mtu to account for cell/fixed wireless.

a sign that this is the issue, in my opinion anyways, TRAFFIC log session end reason is something like decrypt-unsupport-param

This my friend had tmobile internet and iw puldnt work because of ipv6.

Cause of their shitty implementation at the Palo side and rather than fix it blame IPv6 for lack of knowledge.

It’s not just the Palo implementation. Cisco Anyconnect has also struggled with T-Mobile’s 5G ipv6 implementation if the vpn endpoints are v4 only. I think it’s t-mobiles v6 to v4 translation layer.