Enhanced Logging for the Selected GlobalProtect Gateway
Table of Contents
10.0 (EoL)
Expand all | Collapse all
-
- Automatic Content Updates Through Offline Panorama
- Enhanced Authentication for Dedicated Log Collectors and WildFire Appliances
- Syslog Forwarding Using Ethernet Interfaces
- Increased Configuration Size for Panorama
- Access Domain Enhancements for Multi-Tenancy
- Enhanced Performance for Panorama Query and Reporting
- Log Query Debugging
- Configurable Key Limits in Scheduled Reports
- Multiple Plugin Support for Panorama
End-of-Life (EoL)
Enhanced Logging for the Selected GlobalProtect Gateway
Identify issues to determine the reason for choosing
the specific gateway.
To help you to identify details as to why
the GlobalProtect app chose to connect to a specific gateway, the
GlobalProtect app now collects and reports information to identify gateway selection criteria and
latency between the gateway and the endpoint. By enabling the Log
Gateway Selection Criteria option as a dynamic app configuration,
the GlobalProtect app can now send the enhanced logs for the gateway
selection criteria to the firewall. Information about the gateway
selection criteria can help you to identify the priority and response
time of the selected gateway, the list of gateway connection attempts,
and statistics about the pre-tunnel and post-tunnel network latency.
The enhanced log fields for the gateway selection criteria have
been added to the GlobalProtect logs in MonitorLogsGlobalProtect.
- Enable the GlobalProtect app to send gateway selection criteria
logs to the firewall.
- Launch the Web Interface.
- Select NetworkGlobalProtectPortals<portal-config>Agent <agent-config>AppLog Gateway Selection Criteria.
- Select Yes to enable the GlobalProtect app to send the gateway selection criteria logs to the firewall.
- Click OK twice.
- Commit the configuration.
- To view the gateway information, filter for eventid eq gateway-auth in the GlobalProtect logs (MonitorLogsGlobalProtect).