cancel
Showing results for 
Search instead for 
Did you mean: 
Replies are disabled for this topic. Start a new one or visit our Help Center.

Google Nest Router issues connecting to Palo Alto GlobalProtect VPN

BobJns
Community Member

I know some topic have been written about this topic, but they all seem to dead-end somewhere. My situation is as follows, I have a 1GBit Fiber Connection, which directly connects to the Nest Wifi Router. I use a MacBook Pro running MacOS 13.4 Ventura. When used without the VPN everything is super smooth, however for work I need to connect over the Palo Alto GlobalProtect VPN (Client version 6.0.3-38). Whenever a connection is established it works fine, however getting a connection is very hard (takes long, fails regularly). When exchanging the router for anything else, the VPN connects within a second. There is no double NAT since I have removed the providers router and use the Google Nest as the primary router (I did do a full reset since that change just to be sure, but situation stays the same). Hope anyone has any further suggestions.

1 Recommended Answer

olavrb
Platinum Product Expert
Platinum Product Expert

One more thing that might affect this: Nest Wifi + Apple devices sometimes struggle if MAC randomization is enabled and proxy settings is set to automatic. So try to set HTTP Proxy to "none".

https://www.expressvpn.com/support/troubleshooting/disable-proxy-safari

And Private IP Address (Mac randomization): Disable.
https://support.apple.com/en-us/guide/security/secb9cb3140c/web
https://support.apple.com/en-us/HT211227


I don't work for Google.

View Recommended Answer in original post

16 REPLIES 16

olavrb
Platinum Product Expert
Platinum Product Expert

What does the VPN client logs say, what fails? There's no logs available to us on Nest Wifi, so VPN client (your PC) and server (your company) logs would be the best place to get an idea about what might cause trouble here.


I don't work for Google.

BobJns
Community Member

Basically the only log record coming in is "The network connection is unreachable or the gateway is unresponsive. Check the network connection and reconnect." Which is not very helpful, especially not if 5 minutes later the connection just works

olavrb
Platinum Product Expert
Platinum Product Expert

Ask IT if the "receiving end", the server, has some more information? Give them your public IP (Google "what's my IP") and a timespan for when you tested, will make it easier for them to find the logs.


I don't work for Google.

BobJns
Community Member

I can try that, but I am pretty sure it is some issue with the Nest Wifi. If I remove the Nest and Plug in the FritzBox it has no issues whatsoever. I would really like to understand if there is any setting that can cause this behaviour

olavrb
Platinum Product Expert
Platinum Product Expert

Could be Nest Wifi, yes. I have Nest Wifi and have never had problems with company VPN. I've used Cisco, Tailscale and Cloudflare from home, no problems. So I still suspect double NAT could be in the picture here.

Is the FritzBox usually between the internet and Nest Wifi? If yes: Double NAT.


I don't work for Google.

BobJns
Community Member

No the FritzBox is not in between, it is the provider provided router, but not used in the setup when the Nest Router is connected

olavrb
Platinum Product Expert
Platinum Product Expert

Roger that. What IP does Nest Wifi get on WAN? More details in one of my previous replies.


I don't work for Google.

olavrb
Platinum Product Expert
Platinum Product Expert

And just to be sure you don't have double NAT: What kind of IP adress does Nest Wifi have for WAN? A typically global/public IP, or a typical local IP (RFC 1918)? If the last, you might still have double NAT. A local IP is typically 10.x.y.z, 192.168.x.y or 172.16-31.x.y.

You can find the WAN IP in the Google Home app -> Wi-Fi -> Network settings -> Advanced networking -> WAN.


I don't work for Google.

BobJns
Community Member

Unfortunately the app says "You cannot edit this setting at this moment", however when I do a trace route it get to the router IP (192.168.x.x) first and then directly to the provider (195.190.x.x)

olavrb
Platinum Product Expert
Platinum Product Expert

I can't edit that section either, but it does state what WAN IP I have.

You can also see the WAN IP by going to the Nest Wifi unit in question in the Google Home app, then the settings icon.

If yours is indeed 192.168.x.x you have double NAT.

Nest Wifi LAN IP is usually 192.168.86.x.


I don't work for Google.

BobJns
Community Member

OK the WAN IP is 86.93.x.x, I checked it now through your route of going to the device and then settings (thanks for that)

olavrb
Platinum Product Expert
Platinum Product Expert

Great, now that's confirmed. 🙂


I don't work for Google.

olavrb
Platinum Product Expert
Platinum Product Expert

One more thing that might affect this: Nest Wifi + Apple devices sometimes struggle if MAC randomization is enabled and proxy settings is set to automatic. So try to set HTTP Proxy to "none".

https://www.expressvpn.com/support/troubleshooting/disable-proxy-safari

And Private IP Address (Mac randomization): Disable.
https://support.apple.com/en-us/guide/security/secb9cb3140c/web
https://support.apple.com/en-us/HT211227


I don't work for Google.

BobJns
Community Member

That did it 🙂 It now connects in an instance as with the other router 🙂 Thanks a lot for the inputs and perseverance!

olavrb
Platinum Product Expert
Platinum Product Expert

Awesome! Glad it finally works. And I learned something new as well. 🙂


I don't work for Google.

Alex_S
Community Specialist
Community Specialist

Hi everyone,
 

We appreciate the help, @olavrb!

 

@BobJns, we’re glad to hear that this has been sorted out. I'm going to mark this thread as resolved. I'll be locking this thread after 24 hours. Should that happen, feel free to create a new thread if you have more questions or other concerns.


Cheers,
Alex