Situation: The client configured Paloalto Firewall to allow VPN users accessing AWS Tunnel. However, the VPN home users can’t access the AWS tunnel and Monitor doesn’t show any traffics.
Troubleshooting: You need to configure GlobalProtect VPN Gateway or add the AWS Tunnel IP addresses to the GlobalProtect Gateway. Please refer to this post: Configure Paloalto Firewall to allow VPN users accessing another IPSec Tunnel