after update gpclient fails to chose proper gateway, no sso, no connect

[hdyami]

I've been happily using your client for months - i just patched ubuntu 20.04.
New UI with the trial info which looks great
When i connect it choses a gateway and hangs on connection.

Another laptop I have running palo alto's client connects fine with a different gateway than the one chosen by gpclient

I'm wondering how i can authenticate to sso, or why that used to work but no longer does and how i can fix it.

Also, im wondering how i can specify a gateway manually, I dont see any option in the cli --help

Here's the output from the cli attempt:
[2024-03-06T18:35:32Z INFO gpclient::cli] gpclient started: 2.0.0 (2024-02-05)
[2024-03-06T18:35:32Z INFO gpapi::portal::prelogin] Prelogin with user_agent: PAN GlobalProtect
[2024-03-06T18:35:33Z INFO gpauth::cli] gpauth started: 2.0.0 (2024-02-05)
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Open auth window, user_agent: PAN GlobalProtect
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Auth window user agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Load the SAML request as URI...
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Loaded uri: https://l**********m/7bd08b0b-3395-4dc1-94bb-d0b2e56a497f/saml2?SAMLRequest=j**********f&RelayState=C**********%3D
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Trying to read auth data from response headers...
[2024-03-06T18:35:33Z INFO gpauth::auth_window] No saml-auth-status header found
[2024-03-06T18:35:33Z INFO gpauth::auth_window] No auth data found in headers, trying to read from body...
[2024-03-06T18:35:33Z INFO gpauth::auth_window] No auth data found in HTML
[2024-03-06T18:35:33Z INFO gpauth::auth_window] No auth data found, it may not be the /SAML20/SP/ACS endpoint
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Raise window in 1 second(s)
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Raise window cancelled
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Loaded uri: https://v**********u/SAML20/SP/ACS
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Trying to read auth data from response headers...
[2024-03-06T18:35:33Z INFO gpauth::auth_window] Got auth data from headers
[2024-03-06T18:35:34Z INFO gpapi::portal::config] Portal config, user_agent: PAN GlobalProtect
[2024-03-06T18:35:34Z INFO gpapi::gateway::login] Gateway login, user_agent: PAN GlobalProtect

And it just hangs there

[yuezk]

The CLI will let you select the gateway to connect when it find multiple gateways from the portal config, after the log of

[2024-03-06T18:35:34Z INFO gpapi::portal::config] Portal config, user_agent: PAN GlobalProtect

It didn't show up for your case is that it only received one gateway and it tried to connect it directly. If your portal does have multiple gateways, you could retry it to see if the client could get more gateways.

See gpclient connect -h to see how to specify a gateway. (Note, the specified gateway must be in the retrieved gateways, otherwise it will not work)

Also try the GUI version to see if it works.