I was actually playing around with this quite a bit last night, simply because I actually want to get 4.1 and the new UI rolled-out as soon as possible. I couldn't reproduce any connectivity issues in on-demand or pre-logon regardless of using 8.0.8 or 8.1.0. I'm guessing that it has to do something with your configuration, or for some reason the GP Package needs to be removed and re-downloaded/activated on your firewall. I've never seen one of those behavior poorly, but maybe something happened when you downloaded 4.1 that is causing your issues?
This morning I manualy installed the 4.1 client on a device configured for the corp network portal/gateway using pre-logon always on and it worked like a champ.
This was an 8.0.8 connection same as the lab environment. so the client is working there and it must be something in the config that the 4.1 client does not like in the lab. the lab is also setup to allow native android clients using Xauth so maybe that is it? I might have to start trimming features away until I find an indicator. fun... so much fun
p.s. the successful testing was done on a 32 bit machine so the client was 32bit but that should not make a difference
I am not seeing anything helpful in the logs... but just to make it more confusing... it *works* on OSX!!
* OSX - working
* win7 - nope
* win10 - nope
* Linux - nope
I have created a support ticket, I can't help feel like we are always seeing crazy one-off nobody else has that issue type of things all the time.
I think you just handed me the best clue! My password is 17 characters so I don't think its an issue of password length (for me anyway) I was looking at the logs (the PanGPS.log specifically) and noticed some odd broken XML in there then after reading your post I was looking at my password and noticed that part of my password was in the XML.
I think what is happening here is certain characters in the password are breaking it (notice line 3 below) The password character that appears before the broken XML tag is a < and after that is a > so I bet if i change my password to remove the < and/or the > it will be the magic fix for me. BUT Since prior versions don't break with that character and PA does not specify we cannot use that character, I think maybe they should fix the app and change their code to properly escape special characters.
(T5104) 03/08/18 18:47:04:975 Info ( 438): msgtype = hello
(T5104) 03/08/18 18:47:04:976 Debug(1120): Send response to client for request hello
(T5104) 03/08/18 18:47:05:479 Error(1455): end tag </7BsoX> not found
(T5104) 03/08/18 18:47:05:479 Error(1488): end tag </saved-passwd> not found
(T5104) 03/08/18 18:47:05:479 Error(1488): end tag </request> not found
(T5104) 03/08/18 18:47:05:479 Info ( 410): Message is not valid XML. Message is <request><ty
(T5104) 03/08/18 18:47:05:479 Info ( 194): Error processing receive data from client
(T5104) 03/08/18 18:47:05:479 Info ( 200): close client socket
This is just my theory and it really lines up with everything, I may test with a new password when I have time tomorrow and I will upadate my case with this new information. Thanks all for the dialog I feel pretty confident this is it.
That's actually really interesting, and likely why you don't have many people running into it. I know that I have some users however that do actually utilize these characters in there password, so I'll have them give it a try.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!