About aarismendi

Hi, I recently started having issues with my account connecting from Windows after an upgrade. The account logs in fine still from MacOS. I've tried multiple Windows machines and all exhibit the same behavior. Creating a new test account worked from the same Windows machine. The device is a PA-3220 and was upgraded from 10.0.0.5 to 10.0.1.3. The GP version is 6.0.0, previously it was 5.2.10.   Is there any way to fix the original account or should it be delete/recreated to resolve?   Enclosed/below is a screenshot of the Wireshark packet capture which shows a TCP RST after the client/server SSL negotiation.   Here is the "----Gateway Login starts----" section of PanGPS.log where the error occurs. The error appears to be "unknown private header internal-error. Gateway <GATEWAY_FQDN>, status code -1". Note - environment specifics have been obsfuctated.    Set to service bUseCCUserGateway 0 and ccUserNameGateway Update user name from <VPN_USERNAME> to <VPN_USERNAME> OtpSaveCredential is save_credential External network gateway without OTP authentication Fallback portal user credential. Roaming profile is false profileInfo username DoD_Admin, profile path (null), server (null) Unserialized empty cookie for portal <GATEWAY_FQDN> and user <VPN_USERNAME> Unserialized empty cookie for portal <GATEWAY_FQDN> and pre-logon user. bIsEmptyUser is 0, bDPGCforManualOnlyGateway is 0, bDPGCNotforManualOnlyGateway is 0 Gateway auth method: saml, auth src: IDP Set to service bUseCCUserGateway 0 and ccUserNameGateway m_nEncryptedPasswordLen is 0 Roaming profile is false profileInfo username DoD_Admin, profile path (null), server (null) Unserialized empty cookie for portal <GATEWAY_FQDN> and user <VPN_USERNAME> Unserialized empty cookie for portal <GATEWAY_FQDN> and pre-logon user. use cached deviceSN Get preferred IPv4 for gateway <GATEWAY_IP> and user <VPN_USERNAME> Get preferred IPv6 for gateway <GATEWAY_IP> and user <VPN_USERNAME> Actual user for gateway login is <DOMAIN_NAME>\<VPN_USERNAME> Gateway selection type is auto use cached deviceSN Need to check gateway cert for <GATEWAY_FQDN> encpostdata, encpostdata=000001E15B0439E0, encpostdatalen=688 REQID=22,IPADDR=<GATEWAY_FQDN>,PORT=443,URL=/ssl-vpn/login.esp,POST=1,PROXY_AUTO=0,PROXY_CFGURL=NULL,PROXY=NULL,PROXY_BYPASS=NULL,PROXY_USER=NULL,PROXY_PASS=****,VERIFY_CERT=0,ADDITIONAL_CHECK=1,SCEP_CERT=,oid= Send response to client for request https_request receive pan_msg_ping, 1 Status code: -1, private header: internal-error unknown private header internal-error. Gateway <GATEWAY_FQDN>, status code -1 pszXmlConfig is NULL. 4278 pszXmlConfig is NULL, m_bInvalidUserCredential is false. Failed to retrieve info for gateway <GATEWAY_FQDN>. tunnel to <GATEWAY_FQDN> is not created. NetworkDiscoverThread: failed to discover external network. Network discovery failed, set error as The network connection is unreachable or the gateway is unresponsive. Check the network connection and reconnect. --Set state to Disconnected Setting debug level to 5 NetworkDiscoverThread: PortalStatus is 1, HasLoggedOnGateway is 0 Network discovery is not ready, set GP VPN status as disconnected SetVpnStatus called with new status=0, Previous Status=0 UpdatePrelogonStateForSSO() - tunnel state = Disconnected msgtype = disable ... View more