I have not seen any chatter or mention of this but I tried the 4.1.0 GP client in a lab environment yesterday.
* The app is redesigned and looks really nice
* You can now select from/add/remove multiple gateways!
* It would not connect to the VPN even after a reboot and reinstall :/
After going back to 4.0.7 everything worked again, then trying 4.1.0 again and same thing (no connection) then back to 4.0.7 and yay! working again. I see the traffic coming into the portal and being allowed, the client just never gets an established connection.
Anyone else brave enough to play with the new GP client? What did you find? Did it work? Same issue I am seeing?
I will try the new client on some other machines and OS versions to see if I can isolate the issue to a certain root cause. We won't be using this in production for a while or at least until I can validate this issue will not happen if we update all endpoints someday.
Solved! Go to Solution.
I changed the test user password and removed/swapped out the < and > characters and I was able to sign in right away without any issues using the 4.1 client.
This means PA has to resolve this before rolling the app out to the masses in order to prevent any such instance of this problem occuring with anyone using those characters in their passwords.
If you do roll this version out and some users are unable to connect, it may be related to special chars in their passwords.
Thanks again for everyone's input that lead me to this finding. I have a case open and I will update it and inform our SE of these findings.
Thanks, I was starting to wonder if it "required" PANOS 8.1 to function properly. I am not ready to take the 8.1 plunge yet, not even on my lab device after readin ghte known issues :/
I honestly haven't tried 4.1 on anything but 8.1, so I can't say if this is a known issue at all. According to documentation it should work perfectly fine on 8.0, and I think it even goes back to 7.1.*.
I actually just updated the GP client on my 8.0.8 LAB device and it's working and connecting perfectly fine. You might want to play around with it a little bit more; potentially try uninstalling the agent and then installing it with 4.1.0 from scratch might work better than a direct upgrade?
That may tell me if it works better or not but when we eventually upgrade it will have to be through the good ol' activate the new version on the gateway and let it auto update when users connect. So I want to make sure I get a good woprking endstate following the same path we will use for everyone.
I will try a manual install later tonight just to see what results I get tho
Just a heads up, 4.1.0 is a huge visual improvement over what was available previously. While it's very easy to interpret what they need to do, it might require a bit of re-training for more challenged end-users :)
Probably of no use to you but just to let you know that 4.1 seems to work OK with 7.1.15 and 8.0.8 aswell as 8.1.
this is using several auth options such as...
certificate auth only
radius only plus auth overide cookie
radius plus certificate
radius plus certificate plus auth overide cookie
ldap plus certificate.
unfortunately we do not use pre-logon. so cannot test....
group membership also works OK as login below (Admin Level) has the option to pick what gateway as well as portal.... I think you meant portal in your original post..
Ok so this gets more confusing, I'm using 8.0.8 and the 4.1.0 client just refuses to connect at all in any of my tests.
Uninstall 4.0.7 and fresh manual install of 4.1 - no connection
Upgrade from firewall - no connection
Windows 10 - no connection
Windows 7 - no connection
Linux - no connection
OSX - testing soon
Going back to 4.0.7 - works perfectly
Since I am the only one seeing these issues here but I have tried a mixture of client environments the common denominator is the firewall itself. Maybe something in my config that 4.1 does not like but everything prior has no problem with..
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!