GlobalProtect app iOS issue

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GlobalProtect app iOS issue

L2 Linker

We are currently using PA-410 equipment and the GP gateway license is also registered.
After setting the GP, it is used normally on Android and Windows
but even if the certificate is registered on the iOS device, it is possible to connect from the GP app
but the actual communication does not work, and it says that the external gateway cannot be found.
Please reply if you know a solution to this problem..

 

<PanGPS logging>

P45923-T15367 03/31/2023 11:18:09:815 Info ( 647): Server is trusted 211.209.235.38([64:ff9b::d3d1:eb26])
P45923-T8195 03/31/2023 11:18:09:929 Info ( 535): Finished with 211.209.235.38:443
P45923-T8195 03/31/2023 11:18:09:929 Debug( 487): error detail is (null)
P45923-T8195 03/31/2023 11:18:09:943 Debug( 366): Received data with length 473
P45923-T8195 03/31/2023 11:18:09:944 Debug( 421): m_errorDetails is NULL.
P45923-T8195 03/31/2023 11:18:09:944 Debug(7515): prelogin to portal result is
<?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Success</status>
<ccusername></ccusername>
<autosubmit>false</autosubmit>
<msg></msg>
<newmsg></newmsg>
<authentication-message>Enter login credentials</authentication-message>
<username-label>Username</username-label>
<password-label>Password</password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><auth-api>no</auth-api><region>KR</region>
</prelogin-response>
P45923-T8195 03/31/2023 11:18:09:944 Debug(7568): REGION-PRIO, region code is KR
P45923-T8195 03/31/2023 11:18:09:944 Debug(13657): REGION-PRIO, save region code KR
P45923-T8195 03/31/2023 11:18:09:944 Debug(7635): Portal's saml default browser support = yes
P45923-T8195 03/31/2023 11:18:09:944 Debug(7655): Portal authentication-message is Enter login credentials
P45923-T8195 03/31/2023 11:18:09:944 Debug(7671): autosubmit is false
P45923-T8195 03/31/2023 11:18:09:944 Debug(7684): auth-api is no
P45923-T8195 03/31/2023 11:18:09:944 Debug(9372): ----Portal Login starts----
P45923-T8195 03/31/2023 11:18:09:945 Info ( 582): EVP_DecryptFinal_ex failed
P45923-T8195 03/31/2023 11:18:09:945 Debug(9308): Failed to decrypt data
P45923-T8195 03/31/2023 11:18:09:945 Debug(9363): Failed to get portal user password.
P45923-T8195 03/31/2023 11:18:09:945 Debug(8395): Empty user for GetCachedPortalCfgOldNewFileName
P45923-T8195 03/31/2023 11:18:09:945 Debug(9419): "___empty_username___" and empty cc user name and empty portal user auth cookie.
P45923-T8195 03/31/2023 11:18:09:945 Debug(9422): Set skip next switch off flag.
P45923-T8195 03/31/2023 11:18:09:945 Debug(1132): session cleanup.
P45923-T8195 03/31/2023 11:18:09:945 Debug(8728): portal status is User authentication failed.
P45923-T8195 03/31/2023 11:18:09:945 Debug(7303): --Set state to Disconnected
P45923-T8195 03/31/2023 11:18:09:948 Info ( 798): Set status C34B5501-8F9A-42C3-BC84-8C7F1FBAC35E
P45923-T8195 03/31/2023 11:18:10:060 Info ( 798): Set user_credential 51B3008E-9589-47DF-9960-65256BAFC273
P45923-T8195 03/31/2023 11:18:10:188 Debug( 77): Content hash 1357785248998153044, Always-On mode is enabled. Please sign in to continue.
P45923-T8195 03/31/2023 11:18:10:189 Info ( 526): Call completion handler
P45923-T8195 03/31/2023 11:18:10:190 Debug( 482): Message portal, 420b result: 0
P45924-T8195 03/31/2023 11:18:21:091 Info ( 158): Try extension instance lock, pid 45924
P45924-T8195 03/31/2023 11:18:21:092 Info ( 215): Extension com.paloaltonetworks.globalprotect.vpn.extension 6.0.5(6.0.5.16.1266357) started, pid 45924
P45924-T8195 03/31/2023 11:18:21:093 Info ( 257): GP Tunnel init called
P45924-T8195 03/31/2023 11:18:21:101 Info ( 688): Device ID B40C7D13BA2D4498866B520360BFCA7E
P45924-T8195 03/31/2023 11:18:21:102 Debug( 336): PanGPS, working directory is /private/var/mobile/Containers/Shared/AppGroup/786CD78B-F2E0-4830-B449-A78E1C06AD76
P45924-T8195 03/31/2023 11:18:21:142 Debug( 227): Plugin bundle is found
P45924-T8195 03/31/2023 11:18:21:142 Info ( 249): ####################### Start PanGPS service (ver: 6.0.5-16) #######################
P45924-T8195 03/31/2023 11:18:21:142 Info ( 250): Debug level is 5
P45924-T8195 03/31/2023 11:18:21:142 Info ( 251): OS: iOS 16.3, model: iPhone, device: iPhone-661F81C403A54DCC83482FEC2114BBA0, B40C7D13BA2D4498866B520360BFCA7E
P45924-T8195 03/31/2023 11:18:21:143 Error( 233): DRBG selftest: FAILED, error: error:2D08D065:FIPS routines:func(141):reason(101)
P45924-T8195 03/31/2023 11:18:21:143 Debug( 47): CControlManagerIos::StartServer()
P45924-T8195 03/31/2023 11:18:21:143 Debug( 69): psv init called
P45924-T8195 03/31/2023 11:18:21:143 Debug( 74): full path is /private/var/mobile/Containers/Shared/AppGroup/786CD78B-F2E0-4830-B449-A78E1C06AD76/cc.cer
P45924-T8195 03/31/2023 11:18:21:143 Debug( 74): full path is /private/var/mobile/Containers/Shared/AppGroup/786CD78B-F2E0-4830-B449-A78E1C06AD76/cc.pfx
P45924-T8195 03/31/2023 11:18:21:146 Debug( 677): Service-only is no
P45924-T8195 03/31/2023 11:18:21:146 Debug( 729): Kerberos auth, stopOnKerberosFail=0(yes)
P45924-T8195 03/31/2023 11:18:21:146 Debug( 734): Prefer ipv6 is yes.
P45924-T8195 03/31/2023 11:18:21:146 Debug( 757): CPanMSService::Init connect timeout 5, received timeout 30, portal timeout 5
P45924-T8195 03/31/2023 11:18:21:146 Debug( 763): CPanMSService::Init fips: fipsc-cc-mode-enabled
P45924-T8195 03/31/2023 11:18:21:146 Debug( 770): CPanMSService::Init fips: enable-fips-cc-mode
P45924-T8195 03/31/2023 11:18:21:146 Debug( 789): CPanMSService::Init fips: m_bFipsModeRequired 0
P45924-T8195 03/31/2023 11:18:21:146 Debug( 832): On demand is yes
P45924-T8195 03/31/2023 11:18:21:146 Debug( 838): Traffic Enforcement type is no
P45924-T8195 03/31/2023 11:18:21:146 Info (10612): CheckPrelogon: Portal is , PrelogonEnabled is no
P45924-T8195 03/31/2023 11:18:21:147 Debug( 895): override-cc-username is no
P45924-T8195 03/31/2023 11:18:21:147 Debug(5003): event log file is /private/var/mobile/Containers/Shared/AppGroup/786CD78B-F2E0-4830-B449-A78E1C06AD76/pan_gp_event.log
P45924-T8195 03/31/2023 11:18:21:147 Debug( 905): Event log thread started
P45924-T8195 03/31/2023 11:18:21:147 Debug( 167): Time zone GMT offset is 540
P45924-T13571 03/31/2023 11:18:21:147 Debug(4972): event log thread started.
P45924-T8195 03/31/2023 11:18:21:147 Info (10501): Portal config does not exist, try registry/plist
P45924-T8195 03/31/2023 11:18:21:147 Debug( 263): Start tunnel driver.
P45924-T8195 03/31/2023 11:18:21:147 Info ( 85): ----Driver Control is being started----
P45924-T8195 03/31/2023 11:18:21:147 Debug( 94): PsvStart called
P45924-T8195 03/31/2023 11:18:21:147 Info ( 115): Service callback table gets set.
P45924-T8195 03/31/2023 11:18:21:147 Debug( 230): set virtual interface driver started as yes
P45924-T8195 03/31/2023 11:18:21:147 Debug( 301): Virtual interface is started
P45924-T8195 03/31/2023 11:18:21:147 Debug( 393): start network montior thread
P45924-T8195 03/31/2023 11:18:21:147 Debug( 426): net monitor starts.
P45924-T8195 03/31/2023 11:18:21:148 Debug( 440): net monitor is ready.
P45924-T8195 03/31/2023 11:18:21:148 Debug( 162): value 0
P45924-T8195 03/31/2023 11:18:21:148 Info ( 51): Extension notifications initialized
P45924-T6659 03/31/2023 11:18:21:151 Info ( 316): Start tunnel called from app, 211.209.235.38
P45924-T6659 03/31/2023 11:18:21:151 Debug( 600): Network rechability flag is 0x40003
P45924-T6659 03/31/2023 11:18:21:151 Debug( 608): Network type is Wwan
P45924-T6659 03/31/2023 11:18:21:151 Debug( 201): interface pdp_ip0 ip 192.0.0.2/255.255.255.255
P45924-T6659 03/31/2023 11:18:21:151 Info ( 414): Process message 269b
P45924-T6659 03/31/2023 11:18:21:161 Info ( 446): Resolved password from reference {length = 20, bytes = 0x67656e7067d826d604a146318728476bd319d863}
P45924-T6659 03/31/2023 11:18:21:161 Info ( 531): msgtype = portal
P45924-T6659 03/31/2023 11:18:21:161 Debug(2667): ----Portal Processing starts----
P45924-T6659 03/31/2023 11:18:21:161 Debug(2705): no user-profile-type tag.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2730): pg, source = 0, old source is 0
P45924-T6659 03/31/2023 11:18:21:161 Debug(2752): pg, preferred gateway not set in message, old prefergateway=NULL:)
P45924-T6659 03/31/2023 11:18:21:161 Debug(2812): no checkupdate tag.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2831): no portal-certificate-verification tag.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2881): No saml-load-cache tag.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2904): no saml-auth-error tag.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2924): no allow-cached-portal tag.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2945): No win-user attribute in portal/user_credential message.
P45924-T6659 03/31/2023 11:18:21:161 Debug(2961): NewWinUser is , WinUser is , PreviousSwitchOffMsg is false
P45924-T6659 03/31/2023 11:18:21:161 Debug(2962): GetPrelogonStatus() 0, m_userName , m_preUsername
P45924-T6659 03/31/2023 11:18:21:161 Debug(3806): Grace period is 0
P45924-T6659 03/31/2023 11:18:21:161 Debug(7175): StopThreads starts:
P45924-T6659 03/31/2023 11:18:21:161 Debug(7178): threads have already stopped, StopThreads ends.
P45924-T6659 03/31/2023 11:18:21:161 Debug(7139): StartThreads starts:
P45924-T6659 03/31/2023 11:18:21:161 Debug( 46): start a HIP check thread
P45924-T6659 03/31/2023 11:18:21:161 Debug(2992): Update GP disable status to false
P45924-T6659 03/31/2023 11:18:21:161 Debug(3049): No domain in portal or user credential message.
P45924-T6659 03/31/2023 11:18:21:161 Debug(3176): No saved-passwd
P45924-T6659 03/31/2023 11:18:21:161 Debug(3186): Portal 211.209.235.38, user hiline, logonDomain , saved user hiline, path /private/var/mobile/Containers/Shared/AppGroup/786CD78B-F2E0-4830-B449-A78E1C06AD76/
P45924-T6659 03/31/2023 11:18:21:161 Debug(3252): use proxy is 1
P45924-T6659 03/31/2023 11:18:21:161 Debug(11263): SSO password is empty
P45924-T6659 03/31/2023 11:18:21:161 Debug(3448): m_preUsername
P45924-T16643 03/31/2023 11:18:21:161 Debug(5815): NetworkDiscoverThread: network discover thread starts.
P45924-T16643 03/31/2023 11:18:21:161 Debug(5843): NetworkDiscoverThread: wait for fed mandate event.
P45924-T21507 03/31/2023 11:18:21:161 Debug(6499): HipReportThread: HipReportThread starts up.
P45924-T21507 03/31/2023 11:18:21:162 Debug(6525): HipReportThread: wait for HIP report ready event.
P45924-T21251 03/31/2023 11:18:21:162 Debug(6797): NetworkConnectionMonitorThread: network connection monitor thread starts.
P45924-T6659 03/31/2023 11:18:21:162 Debug(8400): User name for cached portal confg: hiline
P45924-T6659 03/31/2023 11:18:21:162 Debug(3469): CheckCachedPortalForPrelogon 0, PrelogonNeedTimeout 0, RenameTimeout -1, userName hiline, preUsername
P45924-T6659 03/31/2023 11:18:21:162 Debug(3650): no use-ssl-tunnel tag.
P45924-T6659 03/31/2023 11:18:21:162 Debug(3657): bCheckCachedPortalForPrelogon: 0, m_bOnDemand: 1
P45924-T6659 03/31/2023 11:18:21:162 Debug(7303): --Set state to Retrieving configuration...
P45924-T20995 03/31/2023 11:18:21:162 Debug( 167): Start HipCheckThread
P45924-T20995 03/31/2023 11:18:21:162 Debug( 210): HipCheckThread started...
P45924-T20995 03/31/2023 11:18:21:162 Debug( 216): HipCheckThread: wait for hip check event for 3600000 ms);
P45924-T6659 03/31/2023 11:18:21:163 Info ( 798): Set status 61C549F3-82EF-4B25-9330-FA9A31F0932A
P45924-T6659 03/31/2023 11:18:21:270 Debug(13868): Portal's ipv6 address 64:ff9b::d3d1:eb26
P45924-T6659 03/31/2023 11:18:21:270 Debug(13870): Portal address mapped to ipv6
P45924-T6659 03/31/2023 11:18:21:270 Debug(8497): SSO enable status is 0, user name is hiline, domain name is .
P45924-T6659 03/31/2023 11:18:21:270 Debug(7351): ----Portal Pre-login starts----
P45924-T6659 03/31/2023 11:18:21:270 Debug(7391): Pre-login...,verifyportalcert=yes
P45924-T6659 03/31/2023 11:18:21:270 Debug(7444): Skip CheckServerCert result
P45924-T6659 03/31/2023 11:18:21:270 Debug( 128): Original host 211.209.235.38([64:ff9b::d3d1:eb26])
P45924-T6659 03/31/2023 11:18:21:270 Debug( 160): init session proxy to 1-0x10578f010.
P45924-T6659 03/31/2023 11:18:21:271 Debug( 294): session proxy is system proxy 0x10578f010.
P45924-T6659 03/31/2023 11:18:21:271 Info ( 309): Session <__NSURLSessionLocal: 0x1057916d0> set to (null)
P45924-T6659 03/31/2023 11:18:21:271 Debug( 311): bVerifyCert 1, m_bVerifyPortalCertificate 1
P45924-T6659 03/31/2023 11:18:21:272 Info (1475): Imported <cert(0x105795e00) s: 106.255.6.132 i: 106.255.6.132>
P45924-T6659 03/31/2023 11:18:21:272 Error( 363): Cannot get gateway client cert path

0 REPLIES 0
  • 1341 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!