Prelogon - PanCredGet

Reply
Highlighted
L2 Linker

Prelogon - PanCredGet

PAN-OS - 9.0.3

Global Protect 5.0.3

 

We are having problems with GPPrelogon. 

 

Logs:

 

(T7612) 07/22/19 15:20:16:670 Debug(5727): REGION-PRIO, region code is GB
(T7612) 07/22/19 15:20:16:670 Debug(10868): REGION-PRIO, save region code GB
(T7612) 07/22/19 15:20:16:670 Debug(5783): Portal authentication-message is Enter RAFA login credentials
(T7612) 07/22/19 15:20:16:670 Debug(5799): autosubmit is false
(T7612) 07/22/19 15:20:16:670 Debug(7179): ----Portal Login starts----
(T7612) 07/22/19 15:20:16:670 Debug( 310): No need to decrypt data with length 0
(T7612) 07/22/19 15:20:16:670 Debug( 530): pan_read_text_from_file(): File does not exist. File: C:\Program Files\Palo Alto Networks\GlobalProtect\PanPCD_e30b15ae554406f5223cc15453e1a19.dat
(T7612) 07/22/19 15:20:16:670 Debug(1655): cannot restore portal config digest C:\Program Files\Palo Alto Networks\GlobalProtect\PanPCD_e30b15ae554406f5223cc15453e1a19.dat.
(T7612) 07/22/19 15:20:16:670 Debug(1519): Failed to open file C:\Program Files\Palo Alto Networks\GlobalProtect\PanPUAC_e30b15ae554406f5223cc15453e1a19.dat
(T7612) 07/22/19 15:20:16:670 Debug(1496): Unserialized empty cookie for portal secure.rafa.org.uk and pre-logon user.
(T7612) 07/22/19 15:20:16:670 Debug(7247): IsInPrelogon() 1, GetPrelogonStatus() 1
(T7612) 07/22/19 15:20:16:670 Debug( 310): No need to decrypt data with length 0
(T7612) 07/22/19 15:20:16:670 Debug(6812): use cached deviceSN
(T7612) 07/22/19 15:20:16:670 Debug(6812): use cached deviceSN
(T7612) 07/22/19 15:20:16:670 Debug( 324): ClearHipCustomCheckInfo(): pHipCustomCheckInfo is NULL.
(T7612) 07/22/19 15:20:16:670 Debug( 86): ClearHipCustomCheckRegKeyInfo(): pHipCustomCheckRegKeyInfo is NULL.
(T7612) 07/22/19 15:20:16:670 Debug( 530): pan_read_text_from_file(): File does not exist. File: C:\Program Files\Palo Alto Networks\GlobalProtect\PanPortalCfgCriteria_e30b15ae554406f5223cc15453e1a19.dat
(T7612) 07/22/19 15:20:16:670 Debug( 71): Portal config criteria is restored.
(T7612) 07/22/19 15:20:16:670 Debug( 530): pan_read_text_from_file(): File does not exist. File: C:\Program Files\Palo Alto Networks\GlobalProtect\PanPortalCfgCriteria_e30b15ae554406f5223cc15453e1a19.dat
(T7612) 07/22/19 15:20:16:670 Debug(7317): m_szDomainAndUsername is pre-logon
(T7612) 07/22/19 15:20:16:670 Debug( 990): PrepareRequest, m_pMachineCertCtx is 0000000000000000...
(T7612) 07/22/19 15:20:16:670 Debug( 998): WinHttpOpenRequest...
(T7612) 07/22/19 15:20:16:670 Debug( 442): CPanHTTPSession::PostRequest: WinHttpSendRequest...
(T7612) 07/22/19 15:20:16:702 Debug( 453): bResults=1, g_dwStatus = 00000000
(T7612) 07/22/19 15:20:16:702 Debug( 675): Server secure.rafa.org.uk cert chain has been created.
(T7612) 07/22/19 15:20:16:702 Debug( 689): Server secure.rafa.org.uk cert verification passed
(T7612) 07/22/19 15:20:16:702 Debug( 721): Check server certificate revocation returns TRUE
(T7612) 07/22/19 15:20:16:702 Debug( 475): CPanHTTPSession::PostRequest: WinHttpReceiveREsponse...
(T7612) 07/22/19 15:20:16:702 Debug( 487): CPanHTTPSession::PostRequest: WinHttpQueryHeaders...
(T7612) 07/22/19 15:20:16:702 Debug(1149): m_bUserAuthentication is set to false.
(T7612) 07/22/19 15:20:16:702 Debug( 530): CPanHTTPSession::SendRequest: WinHttpQueryHeaders...
(T7612) 07/22/19 15:20:16:702 Debug(1168): Auth failed. Private header is auth-failed-password-empty
(T7612) 07/22/19 15:20:16:702 Debug(7540): Portal config is NULL.
(T7612) 07/22/19 15:20:16:702 Debug(6707): portal status is User authentication failed.
(T7612) 07/22/19 15:20:16:702 Debug(5521): --Set state to Disconnected
(T7612) 07/22/19 15:20:16:702 Info ( 648): return without process!!!! socket=-1, os=14
(T7612) 07/22/19 15:20:16:702 Debug(6051): In prelogon, failed to get portal configuration.
(T7612) 07/22/19 15:20:21:711 Debug(8305): ProcessServerPortal failed
(T7612) 07/22/19 15:20:21:711 Debug(1692): ----portal processing starts----
(T7612) 07/22/19 15:20:21:711 Debug(1713): no user-profile-type tag.
(T7612) 07/22/19 15:20:21:711 Debug(1720): pg, source = 3, old source is 3
(T7612) 07/22/19 15:20:21:711 Debug(1742): pg, preferred gateway not set in message, old prefergateway=NULL:)
(T7612) 07/22/19 15:20:21:711 Debug(1807): no checkupdate tag.
(T7612) 07/22/19 15:20:21:711 Debug(1826): no portal-certificate-verification tag.
(T7612) 07/22/19 15:20:21:711 Debug(1859): No saml-load-cache tag.
(T7612) 07/22/19 15:20:21:711 Debug(1882): no saml-auth-error tag.
(T7612) 07/22/19 15:20:21:711 Debug(1893): allow-cached-portal is yes
(T7612) 07/22/19 15:20:21:711 Debug(1921): No win-user attribute in portal/user_credential message.
(T7612) 07/22/19 15:20:21:711 Debug(1927): This portal message is from prelogon thread
(T7612) 07/22/19 15:20:21:711 Debug(1937): NewWinUser is , WinUser is , PreviousSwitchOffMsg is false
(T7612) 07/22/19 15:20:21:711 Debug(1938): GetPrelogonStatus() 1, m_userName pre-logon, m_preUsername pre-logon
(T7612) 07/22/19 15:20:21:711 Debug(5373): StartThreads starts:
(T7612) 07/22/19 15:20:21:711 Debug(2079): No saved-user
(T7612) 07/22/19 15:20:21:711 Debug(2090): No saved-passwd
(T7612) 07/22/19 15:20:21:711 Debug(2099): Portal secure.rafa.org.uk, user pre-logon, logonDomain , saved user , path C:\Program Files\Palo Alto Networks\GlobalProtect\
(T7612) 07/22/19 15:20:21:711 Debug(1547): SSO GetSsoCredential starts.
(T7612) 07/22/19 15:20:21:711 Info (1577): SSO ----- PanCredGet failed with error Element not found.

 

Any ideas ?

 

Darren

L7 Applicator

Re: Prelogon - PanCredGet

Is it new setup and has never worked?

Are you using user or computer certificates?

Enterprise Architect @ Cloud Carib www.cloudcarib.com
ACE (3.0, 5.0, 6.0, 7.0), PCNSE (6, 7), PCNSI
L2 Linker

Re: Prelogon - PanCredGet

Hi, 

 

Our PA and Global Protect are well established, however Prelogon is new. 

 

We are using PKI to delivery certs to all machines. 

 

D.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!