search

yuezk / GlobalProtect-openconnect

A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, and client certificate authentication, etc.
GNU General Public License v3.0
1.41k stars 157 forks source link

Gateway authentication failed #128

Closed nicolasshu closed 10 months ago

nicolasshu commented 2 years ago

Referring back to #11

When trying this on Arch Linux against vpn.gatech.edu I get an error box saying "Gateway authentication failed. Unknown response for gateway prelogin interface."

The result of https://vpn.gatech.edu/global-protect/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux is:

<prelogin-response> <status>Success</status> <ccusername/> <autosubmit>false</autosubmit> <msg/> <newmsg/> <authentication-message>Enter login credentials</authentication-message> <username-label>Username</username-label> <password-label>Password</password-label> <panos-version>1</panos-version> <saml-default-browser>yes</saml-default-browser> <region>US</region> </prelogin-response>

This is a current bug that is occurring, and opening a new issue

udaykamal20 commented 2 years ago

Hey, I am also facing the same issue, did you manage to find any solution for this?

nicolasshu commented 2 years ago

I've been connecting to that via OpenConnect instead

yuezk commented 2 years ago

Will have a check on it.

yuezk commented 2 years ago

@nicolasshu I'm able to parse the prelogin response with vpn.gatech.edu. If it is still reproducible to you, would you mind starting the client with gpclient and posting the logs here?

image

loomsen commented 2 years ago

Hi,

I'm having he same issue:

2022-06-18 08:56:19.135 INFO  [219064] [PortalAuthenticator::onFetchConfigFinished@199] Fetch the portal config succeeded.
2022-06-18 08:56:19.135 INFO  [219064] [PortalConfigResponse::parse@20] Start parsing the portal configuration...
2022-06-18 08:56:19.135 INFO  [219064] [PortalConfigResponse::parse@32] Start reading portal-userauthcookie
2022-06-18 08:56:19.135 INFO  [219064] [PortalConfigResponse::parse@35] Start reading portal-prelogonuserauthcookie
2022-06-18 08:56:19.135 INFO  [219064] [PortalConfigResponse::parse@42] Finished parsing portal configuration.
2022-06-18 08:56:19.135 INFO  [219064] [GPClient::onPortalSuccess@308] Portal authentication succeeded.
2022-06-18 08:56:19.135 INFO  [219064] [GPClient::onPortalSuccess@312] No gateway found in portal configuration, treat the portal address as a gateway.
2022-06-18 08:56:19.135 INFO  [219064] [GPClient::tryGatewayLogin@348] Try to preform login on the the gateway interface...
2022-06-18 08:56:19.135 INFO  [219064] [GPClient::setAllGateways@455] Updating all the gateways...
2022-06-18 08:56:19.135 INFO  [219064] [GPClient::populateGatewayMenu@139] Populating the Switch Gateway menu...
2022-06-18 08:56:19.136 INFO  [219064] [GPClient::setCurrentGateway@475] Updating the current gateway to vpn.example.net
2022-06-18 08:56:19.136 INFO  [219064] [GPClient::populateGatewayMenu@139] Populating the Switch Gateway menu...
2022-06-18 08:56:19.136 INFO  [219064] [GPClient::gatewayLogin@367] Performing gateway login...
2022-06-18 08:56:19.139 INFO  [219064] [GatewayAuthenticator::authenticate@28] Start gateway authentication...
2022-06-18 08:56:19.139 INFO  [219064] [GatewayAuthenticator::login@41] Trying to login the gateway at https://vpn.example.net/ssl-vpn/login.esp, with prot=https%3A&server=&jnlpReady=jnlpReady&computer=localhost.localdomain&ok=Login&direct=yes&clientVer=4100&os-version=Fedora Linux 36 %28Workstation Edition%29&clientos=Linux&portal-prelogonuserauthcookie=&prelogin-cookie=&ipv6-support=yes&user=&passwd=&portal-userauthcookie=&inputStr=
2022-06-18 08:56:19.265 ERROR [219064] [GatewayAuthenticator::onLoginFinished@53] Failed to login the gateway at https://vpn.example.net/ssl-vpn/login.esp, Unknown error
2022-06-18 08:56:19.265 INFO  [219064] [GatewayAuthenticator::doAuth@81] Perform the gateway prelogin at https://vpn.example.net/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-06-18 08:56:19.306 INFO  [219064] [GatewayAuthenticator::onPreloginFinished@98] Gateway prelogin succeeded.
2022-06-18 08:56:19.306 INFO  [219064] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-06-18 08:56:19.306 ERROR [219064] [GatewayAuthenticator::onPreloginFinished@107] Unknown prelogin response for https://vpn.example.net/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux, got <?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Error</status>
<ccusername></ccusername>
<autosubmit></autosubmit>
<msg>GlobalProtect gateway does not exist</msg>
<newmsg></newmsg>
<license>yes</license>
<authentication-message></authentication-message>
<username-label></username-label>
<password-label></password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><auth-api>no</auth-api><region></region>
</prelogin-response>

In my config, I have:


[vpn.example.net]
openconnect-args=--authgroup="Germany Central"

From the CLI this works to select the gateway Germany Central.

yuezk commented 2 years ago

@loomsen Trying the following steps:

  1. Make sure to use the latest version 1.4.8
  2. Remove the value of openconnect-args
  3. Reset the client by clicking the Reset button of the system tray menu.
  4. Input the portal address and try again
loomsen commented 2 years ago

Hi @yuezk

Same outcome, actually I just installed and tried this project the first time today, and only added the options after it didn't work initially. Anyway, I did the steps you proposed, but it's the same outcome.

yuezk commented 2 years ago

What command are you using previously with bare openconnect?

loomsen commented 2 years ago 
openconnect --protocol=gp --allow-insecure-crypto --user=user@example.com --os=win --usergroup=portal:prelogin-cookie --passwd-on-stdin vpn.example.net --authgroup="Germany Central"
yuezk commented 2 years ago

What's the response to https://vpn.example.net/global-protect/prelogin.esp?

nicolasshu commented 2 years ago

For some reason, whenever I run gpclient, the program starts, but it exits the terminal so I can't see the logs. I have honestly just been using openconnect 

$ sudo openconnect --protocol=gp -u username vpn.gatech.edu

POST https://vpn.gatech.edu/global-protect/prelogin.esp?tmp=tmp&clientVer=4100&clientos=Linux
Connected to 143.215.254.43:443
SSL negotiation with vpn.gatech.edu
Connected to HTTPS on vpn.gatech.edu with ciphersuite (TLS1.2)-(RSA)-(AES-256-GCM)
Enter login credentials
Password: ***********************
POST https://vpn.gatech.edu/global-protect/getconfig.esp
Choose a secondary factor from ('push1', 'phone1', 'phone2') or enter passcode:
Challenge: push1
POST https://vpn.gatech.edu/global-protect/getconfig.esp
Portal set HIP report interval to 60 minutes).
2 gateway servers available:
  DC Gateway (dc-ext-gw.vpn.gatech.edu)
  NI Gateway (ni-ext-gw.vpn.gatech.edu)
Please select GlobalProtect gateway.
GATEWAY: [DC Gateway|NI Gateway]:NI Gateway
POST https://ni-ext-gw.vpn.gatech.edu/ssl-vpn/login.esp
Connected to 143.215.254.51:443
SSL negotiation with ni-ext-gw.vpn.gatech.edu
Connected to HTTPS on ni-ext-gw.vpn.gatech.edu with ciphersuite (TLS1.2)-(RSA)-(AES-256-GCM)
GlobalProtect login returned authentication-source=gp-auth-sequence-new
GlobalProtect login returned portal-userauthcookie=NpbQmxrquWgka5TSIw3OMmQK35KYEVZBqb6D3Yk8/o4sWg5AZ/QrVVD7jhvJFzy+inHEvFUF1GFMOb1Sy1nGsmQIWKloxwTr5MnYbsU1Xyr4cO0nXz1CNP5q9M/XUFHmo+b8brtvNbjijVhGt7O+ZSBXvfi8+g7VLmPc5yqk+R3StjiPGHSgF2shcFnk5nU9jRd01v4DXqffdBj9dgJHJmnXtcc1YGOpBAdfk6zA5DT1N/bRdZKRX8+9Vs5bGDQMgr/4UruEzYfrSQU0bg7qGNng2FowxoxwPwlU4fpSHKaquLXX30xiBz8sPngYbEauW/t+LT2qSLlI/11f43Ajuw==
GlobalProtect login returned portal-prelogonuserauthcookie=Yls9MVMs69tORjQb5CyYBqKaC1blqETsxTU0K0ureUAxdPnkA2UePArmt06NVBd31UQGtDV5UkSSvQWJyP0mA/+Pl9KQ3/jNCMfb1l4WIfuxpYKApJWRJyHjBssHFSk2/BZ2/Aru4HrTNyOZNbdj6IsLjWAZD7cxHykYbrYDPsx1qFS5sPIfATl0Gr9QM85g6lw6ZvWns7F284nwWJXSYfY96+XphPTyrBq18GRmsKzeDCI6EmVPwST3zPBH0lYb0jtYFqwNEJvBPpojThiMzjCftacnNkgUCrqbSyq/R8+9DbZBQAwxx6pyrmtbGlTn5s2P9HXxSAcyuBh2zHF+4g==
GlobalProtect login returned usually-equals-4=4
GlobalProtect login returned usually-equals-unknown=unknown
POST https://ni-ext-gw.vpn.gatech.edu/ssl-vpn/getconfig.esp
Tunnel timeout (rekey interval) is 180 minutes.
Idle timeout is 180 minutes.
GlobalProtect IPv6 support is experimental. Please report results to <openconnect-devel@lists.infradead.org>.
No MTU received. Calculated 1422 for ESP tunnel
POST https://ni-ext-gw.vpn.gatech.edu/ssl-vpn/hipreportcheck.esp
WARNING: Server asked us to submit HIP report with md5sum 0bc8dc770db1409aac70a374c31699b3.
    VPN connectivity may be disabled or limited without HIP report submission.
    You need to provide a --csd-wrapper argument with the HIP report submission script.
ESP session established with server
ESP tunnel connected; exiting HTTPS mainloop.
Configured as 10.2.64.21 + 2610:148:2002:4000:3248:5755:4741:1acc, with SSL disconnected and ESP established
Session authentication will expire at Wed Aug 17 13:31:50 2022
nicolasshu commented 2 years ago

Actually, for some reason, it started working. Here you go:

Server: vpn.gatech.edu Then I enter my username and password, then I get the message:

Gateway authentication failed
Unknown response for gateway prelogin interface.

and the following logs:

2022-07-18 13:37:04.171 INFO  [20989] [main@24] GlobalProtect started, version: 1.4.8+2snapshot.g0adeaf9
2022-07-18 13:37:04.380 INFO  [20989] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:37:05.902 INFO  [20989] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:37:15.019 INFO  [20989] [GPClient::doConnect@236] Start connecting...
2022-07-18 13:37:15.019 INFO  [20989] [GPClient::doConnect@252] Start gateway login using the previously saved gateway...
2022-07-18 13:37:15.020 INFO  [20989] [GPClient::gatewayLogin@359] Performing gateway login...
2022-07-18 13:37:15.022 INFO  [20989] [GatewayAuthenticator::authenticate@28] Start gateway authentication...
2022-07-18 13:37:15.022 INFO  [20989] [GatewayAuthenticator::login@41] Trying to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, with prot=https%3A&server=&jnlpReady=jnlpReady&computer=archtower&ok=Login&direct=yes&clientVer=4100&os-version=Arch Linux&clientos=Linux&portal-prelogonuserauthcookie=&prelogin-cookie=&ipv6-support=yes&user=&passwd=&portal-userauthcookie=&inputStr=
2022-07-18 13:37:15.024 INFO  [20989] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:37:15.480 ERROR [20989] [GatewayAuthenticator::onLoginFinished@53] Failed to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, Unknown error
2022-07-18 13:37:15.480 INFO  [20989] [GatewayAuthenticator::doAuth@81] Perform the gateway prelogin at https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-07-18 13:37:15.516 INFO  [20989] [GatewayAuthenticator::onPreloginFinished@98] Gateway prelogin succeeded.
2022-07-18 13:37:15.516 INFO  [20989] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-07-18 13:37:15.516 ERROR [20989] [GatewayAuthenticator::onPreloginFinished@107] Unknown prelogin response for https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux, got <?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Error</status>
<ccusername></ccusername>
<autosubmit></autosubmit>
<msg>GlobalProtect gateway does not exist</msg>
<newmsg></newmsg>
<license>yes</license>
<authentication-message></authentication-message>
<username-label></username-label>
<password-label></password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><region></region>
</prelogin-response>
2022-07-18 13:37:15.516 INFO  [20989] [GPClient::onGatewayFail@400] Quick connection failed, trying to portal login...
2022-07-18 13:37:15.519 INFO  [20989] [PortalAuthenticator::authenticate@35] (1/5) attempts, preform portal prelogin at https://vpn.gatech.edu/global-protect/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-07-18 13:37:15.573 INFO  [20989] [PortalAuthenticator::onPreloginFinished@52] Portal prelogin succeeded.
2022-07-18 13:37:15.573 INFO  [20989] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-07-18 13:37:15.573 INFO  [20989] [PortalAuthenticator::onPreloginFinished@56] Finished parsing the prelogin response. The region field is: US
2022-07-18 13:37:15.573 INFO  [20989] [PortalAuthenticator::normalAuth@88] Trying to launch the normal login window...
2022-07-18 13:37:15.612 INFO  [20989] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:37:20.775 INFO  [20989] [PortalAuthenticator::fetchConfig@173] Fetching the portal config from https://vpn.gatech.edu/global-protect/getconfig.esp
2022-07-18 13:37:21.712 INFO  [20989] [PortalAuthenticator::onFetchConfigFinished@199] Fetch the portal config succeeded.
2022-07-18 13:37:21.712 INFO  [20989] [PortalConfigResponse::parse@20] Start parsing the portal configuration...
2022-07-18 13:37:21.712 INFO  [20989] [PortalConfigResponse::parse@42] Finished parsing portal configuration.
2022-07-18 13:37:21.712 INFO  [20989] [PortalAuthenticator::onFetchConfigFinished@208] Closing the StandardLoginWindow...
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::onPortalSuccess@300] Portal authentication succeeded.
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::onPortalSuccess@304] No gateway found in portal configuration, treat the portal address as a gateway.
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::tryGatewayLogin@340] Try to preform login on the the gateway interface...
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::setAllGateways@447] Updating all the gateways...
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::setCurrentGateway@467] Updating the current gateway to vpn.gatech.edu
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:37:21.718 INFO  [20989] [GPClient::gatewayLogin@359] Performing gateway login...
2022-07-18 13:37:21.721 INFO  [20989] [GatewayAuthenticator::authenticate@28] Start gateway authentication...
2022-07-18 13:37:21.721 INFO  [20989] [GatewayAuthenticator::login@41] Trying to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, with prot=https%3A&server=&jnlpReady=jnlpReady&computer=archtower&ok=Login&direct=yes&clientVer=4100&os-version=Arch Linux&clientos=Linux&portal-prelogonuserauthcookie=&prelogin-cookie=&ipv6-support=yes&user=&passwd=&portal-userauthcookie=&inputStr=
2022-07-18 13:37:22.041 ERROR [20989] [GatewayAuthenticator::onLoginFinished@53] Failed to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, Unknown error
2022-07-18 13:37:22.041 INFO  [20989] [GatewayAuthenticator::doAuth@81] Perform the gateway prelogin at https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-07-18 13:37:22.074 INFO  [20989] [GatewayAuthenticator::onPreloginFinished@98] Gateway prelogin succeeded.
2022-07-18 13:37:22.074 INFO  [20989] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-07-18 13:37:22.074 ERROR [20989] [GatewayAuthenticator::onPreloginFinished@107] Unknown prelogin response for https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux, got <?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Error</status>
<ccusername></ccusername>
<autosubmit></autosubmit>
<msg>GlobalProtect gateway does not exist</msg>
<newmsg></newmsg>
<license>yes</license>
<authentication-message></authentication-message>
<username-label></username-label>
<password-label></password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><region></region>
</prelogin-response>
^CCaught signal: Interrupt

Now, if I use the server name as vpn.gatech.edu/global-protect/prelogin.esp, it crashes before I can enter my username/password, and I get the following logs: 

2022-07-18 13:38:17.132 INFO  [21112] [main@24] GlobalProtect started, version: 1.4.8+2snapshot.g0adeaf9
2022-07-18 13:38:17.364 INFO  [21112] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:38:18.173 INFO  [21112] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:39:45.789 INFO  [21112] [GPClient::doConnect@236] Start connecting...
2022-07-18 13:39:45.789 INFO  [21112] [GPClient::doConnect@252] Start gateway login using the previously saved gateway...
2022-07-18 13:39:45.789 INFO  [21112] [GPClient::gatewayLogin@359] Performing gateway login...
2022-07-18 13:39:45.793 INFO  [21112] [GatewayAuthenticator::authenticate@28] Start gateway authentication...
2022-07-18 13:39:45.793 INFO  [21112] [GatewayAuthenticator::login@41] Trying to login the gateway at https://vpn.gatech.edu/global-protect/prelogin.esp/ssl-vpn/login.esp, with prot=https%3A&server=&jnlpReady=jnlpReady&computer=archtower&ok=Login&direct=yes&clientVer=4100&os-version=Arch Linux&clientos=Linux&portal-prelogonuserauthcookie=&prelogin-cookie=&ipv6-support=yes&user=&passwd=&portal-userauthcookie=&inputStr=
2022-07-18 13:39:45.795 INFO  [21112] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:39:46.275 INFO  [21112] [gpclient::helper::parseGatewayResponse@54] Start parsing the gateway response...
2022-07-18 13:39:46.275 INFO  [21112] [gpclient::helper::parseGatewayResponse@55] The gateway response is: <?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Success</status>
<ccusername></ccusername>
<autosubmit>false</autosubmit>
<msg></msg>
<newmsg></newmsg>
<authentication-message>Enter login credentials</authentication-message>
<username-label>Username</username-label>
<password-label>Password</password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><region>US</region>
</prelogin-response>
[1]    21112 segmentation fault (core dumped)  gpclient

Now, if I use the server name as: https://vpn.gatech.edu/global-protect/prelogin.esp, I can enter my username and password, but I get the same message:

Gateway authentication failed
Unknown response for gateway prelogin interface.

And I get the following logs:

2022-07-18 13:41:22.286 INFO  [21363] [main@24] GlobalProtect started, version: 1.4.8+2snapshot.g0adeaf9
2022-07-18 13:41:22.522 INFO  [21363] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:41:23.503 INFO  [21363] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:41:28.434 INFO  [21363] [GPClient::doConnect@236] Start connecting...
2022-07-18 13:41:28.434 INFO  [21363] [GPClient::doConnect@252] Start gateway login using the previously saved gateway...
2022-07-18 13:41:28.434 INFO  [21363] [GPClient::gatewayLogin@359] Performing gateway login...
2022-07-18 13:41:28.436 INFO  [21363] [GatewayAuthenticator::authenticate@28] Start gateway authentication...
2022-07-18 13:41:28.437 INFO  [21363] [GatewayAuthenticator::login@41] Trying to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, with prot=https%3A&server=&jnlpReady=jnlpReady&computer=archtower&ok=Login&direct=yes&clientVer=4100&os-version=Arch Linux&clientos=Linux&portal-prelogonuserauthcookie=&prelogin-cookie=&ipv6-support=yes&user=&passwd=&portal-userauthcookie=&inputStr=
2022-07-18 13:41:28.439 INFO  [21363] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:41:28.865 ERROR [21363] [GatewayAuthenticator::onLoginFinished@53] Failed to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, Unknown error
2022-07-18 13:41:28.865 INFO  [21363] [GatewayAuthenticator::doAuth@81] Perform the gateway prelogin at https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-07-18 13:41:28.901 INFO  [21363] [GatewayAuthenticator::onPreloginFinished@98] Gateway prelogin succeeded.
2022-07-18 13:41:28.901 INFO  [21363] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-07-18 13:41:28.901 ERROR [21363] [GatewayAuthenticator::onPreloginFinished@107] Unknown prelogin response for https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux, got <?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Error</status>
<ccusername></ccusername>
<autosubmit></autosubmit>
<msg>GlobalProtect gateway does not exist</msg>
<newmsg></newmsg>
<license>yes</license>
<authentication-message></authentication-message>
<username-label></username-label>
<password-label></password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><region></region>
</prelogin-response>
2022-07-18 13:41:28.901 INFO  [21363] [GPClient::onGatewayFail@400] Quick connection failed, trying to portal login...
2022-07-18 13:41:28.905 INFO  [21363] [PortalAuthenticator::authenticate@35] (1/5) attempts, preform portal prelogin at https://vpn.gatech.edu/global-protect/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-07-18 13:41:28.958 INFO  [21363] [PortalAuthenticator::onPreloginFinished@52] Portal prelogin succeeded.
2022-07-18 13:41:28.958 INFO  [21363] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-07-18 13:41:28.958 INFO  [21363] [PortalAuthenticator::onPreloginFinished@56] Finished parsing the prelogin response. The region field is: US
2022-07-18 13:41:28.958 INFO  [21363] [PortalAuthenticator::normalAuth@88] Trying to launch the normal login window...
2022-07-18 13:41:28.997 INFO  [21363] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:41:34.971 INFO  [21363] [PortalAuthenticator::fetchConfig@173] Fetching the portal config from https://vpn.gatech.edu/global-protect/getconfig.esp
2022-07-18 13:41:35.784 INFO  [21363] [PortalAuthenticator::onFetchConfigFinished@199] Fetch the portal config succeeded.
2022-07-18 13:41:35.784 INFO  [21363] [PortalConfigResponse::parse@20] Start parsing the portal configuration...
2022-07-18 13:41:35.784 INFO  [21363] [PortalConfigResponse::parse@42] Finished parsing portal configuration.
2022-07-18 13:41:35.784 INFO  [21363] [PortalAuthenticator::onFetchConfigFinished@208] Closing the StandardLoginWindow...
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::onPortalSuccess@300] Portal authentication succeeded.
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::onPortalSuccess@304] No gateway found in portal configuration, treat the portal address as a gateway.
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::tryGatewayLogin@340] Try to preform login on the the gateway interface...
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::setAllGateways@447] Updating all the gateways...
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::setCurrentGateway@467] Updating the current gateway to vpn.gatech.edu
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::populateGatewayMenu@131] Populating the Switch Gateway menu...
2022-07-18 13:41:35.791 INFO  [21363] [GPClient::gatewayLogin@359] Performing gateway login...
2022-07-18 13:41:35.794 INFO  [21363] [GatewayAuthenticator::authenticate@28] Start gateway authentication...
2022-07-18 13:41:35.794 INFO  [21363] [GatewayAuthenticator::login@41] Trying to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, with prot=https%3A&server=&jnlpReady=jnlpReady&computer=archtower&ok=Login&direct=yes&clientVer=4100&os-version=Arch Linux&clientos=Linux&portal-prelogonuserauthcookie=&prelogin-cookie=&ipv6-support=yes&user=&passwd=&portal-userauthcookie=&inputStr=
2022-07-18 13:41:36.123 ERROR [21363] [GatewayAuthenticator::onLoginFinished@53] Failed to login the gateway at https://vpn.gatech.edu/ssl-vpn/login.esp, Unknown error
2022-07-18 13:41:36.123 INFO  [21363] [GatewayAuthenticator::doAuth@81] Perform the gateway prelogin at https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux
2022-07-18 13:41:36.163 INFO  [21363] [GatewayAuthenticator::onPreloginFinished@98] Gateway prelogin succeeded.
2022-07-18 13:41:36.163 INFO  [21363] [PreloginResponse::parse@26] Start parsing the prelogin response...
2022-07-18 13:41:36.163 ERROR [21363] [GatewayAuthenticator::onPreloginFinished@107] Unknown prelogin response for https://vpn.gatech.edu/ssl-vpn/prelogin.esp?tmp=tmp&kerberos-support=yes&ipv6-support=yes&clientVer=4100&clientos=Linux, got <?xml version="1.0" encoding="UTF-8" ?>
<prelogin-response>
<status>Error</status>
<ccusername></ccusername>
<autosubmit></autosubmit>
<msg>GlobalProtect gateway does not exist</msg>
<newmsg></newmsg>
<license>yes</license>
<authentication-message></authentication-message>
<username-label></username-label>
<password-label></password-label>
<panos-version>1</panos-version>
<saml-default-browser>yes</saml-default-browser><region></region>
</prelogin-response>
yuezk commented 10 months ago

Closing, should work fine with 2.x release.