View All Resources

University Client VPN Troubleshooting Guide

This guide is meant to provide helpful troubleshooting steps to empower Local Support Providers to resolve issues they find with the installation and/or operation of the University Client VPN “Palo Alto – GlobalProtect”. 

Click on a plus sign [+] to view additional information and a minus sign [-] to hide it.

Can the user log in to the portal website? If not, see the list below for troubleshooting steps.

Is the user having an authentication error?

The University Client VPN is authenticated via PennKey. If the user has forgotten their PennKey username or password or are having trouble with those credentials, have them submit a ticket to the PennKey Support team.  

Is the user enrolled in Penn Two-Step?

Users must first be enrolled in Penn Two-Step to access the University Client VPN. To enroll, access the Two-Step Verification site: have them enroll, and then try again.

Is the user in the proper PennGroups group for VPN access?

Have the user go to this URL:

The user should receive this message: 

If not, please submit a ticket with the ISC PennGroups team.

Can the user receive a ping response from

Are there connectivity issues at the user’s home?

Are there certificate issues in the browser?

Try using a different browser, clearing browser cache, or using Incognito Mode

Can the user resolve to its correct IP address? (

There could be DNS issues. Ensure the user doesn’t have any local DNS setup and that they have the correct responding Penn DNS Servers:,

Is the user using more than one VPN?

Make sure the user is connecting to GlobalProtect first and that the second VPN is not a full tunnel.

Is the user connected to the VPN network once they log in?

Run ipconfig in Windows or ifconfig in MacOS and make sure they are part of one of these subnets: or


Rebooting can resolve many issues and is a good first step to try.

Is the VPN client installed properly?

Make sure you are obtaining the client from the portal. If not, uninstall, download, and reinstall.

Killer Network Manager

This is a program that has been found on Alienware machines as well as Dell machines ad can cause problems with GlobalProtect. You can search Systeminfo.txt as well as NicConfig.txt for this software. 


Here is a link for troubleshooting Killer Network Manager with VPN clients:


For additional information on this software see this link:

Windows Defender Problems

in the PanGPHip.log file search for “defender” an “opswat” error shows up which doesn’t allow the client to connect or keeps dropping the connection as soon as it does.  This has been fixed in the newest version so far, so I would make sure they are running the newest version at the time.

Port 4767

There can be problems with the connection on port 4767.  This shows up in the PanGPA.log.  When reviewing this log, search for 4767. You may see an error about failure to connect on port 4767.  Verify the computer is listening for the connection: 


On a Mac from a terminal

Netstat -an | grep 4767 you should see this below:

tcp4       0      0         *.*       LISTEN


On Windows from CLI

Netstat -an | find “4767”



If it isn’t listening you might try restarting the client or rebooting the computer. You can also temporarily disable the local firewall and see if the machine is able to connect.  If you can connect after this step, you can add an exception to Windows Firewall:

Driver Problems

Driver problems may show up in the PanGPS.log.  In this log, search for errors. If you see something like “start driver failed” or “EnableVIF failed”, try reinstalling the VPN client from scratch

To collect logs on the GlobalProtect client:

  • Click Settings in the top right corner
  • Select the Troubleshooting Tab
  • Ensure the Logging Level is set to Debug
  • Click “Collect Logs”

This will download a zipped directory of files.  If opening a ticket with ISC, please attach this zip file to the ticket.

*NOTE* - Make sure to reboot first, then attempt connection, then collect logs.

Useful Log Files


This log tells you information about the local system


This log tells you client events on the local system


This log shows HIP events. *NOTE* There have been problems with Windows Defender that show up here


This log shows logical event problems


This log can also be helpful