Client Authentication Agent disconnects each firewall rules changes

I have been using XG for some time, and recently switched to the beta16 load.  I also recently started turning on some of the firewall features, including using CAA on all non-server PCs, laptops, and mobile devices.  For the Windows 10 systems, I believe I've seen the same issues as those listed here, but I cannot verify that it is always a firewall policy change that causes the disconnect.  There are times that CAA becomes disconnected (most notably recently after a firmware upgrade which restarted XG).  I have been changing policies quite a bit lately, so it is possible that is also a cause of the disconnect, but I haven't made any direct observations about that. 

What is annoying is that CAA does not try to reconnect on its own.  It will connect automatically when the user logs in, but a disconnect on a running system requires the user to open CAA and confirm their login credentials.  It seems to me that CAA should try to reconnect to the firewall on its own.

Fortunately I've only turned this on for about 5 or so clients.  This would really be annoying on a large user base.

So I would expect this to be fixed sometime soon.  And, if this can be fixed on CAA only, please release and provide new CAA executables and instructions for replacing the CAA instance in the firewall so the new version is presented on the client portal.

I have been using XG for some time, and recently switched to the beta16 load.  I also recently started turning on some of the firewall features, including using CAA on all non-server PCs, laptops, and mobile devices.  For the Windows 10 systems, I believe I've seen the same issues as those listed here, but I cannot verify that it is always a firewall policy change that causes the disconnect.  There are times that CAA becomes disconnected (most notably recently after a firmware upgrade which restarted XG).  I have been changing policies quite a bit lately, so it is possible that is also a cause of the disconnect, but I haven't made any direct observations about that. 

What is annoying is that CAA does not try to reconnect on its own.  It will connect automatically when the user logs in, but a disconnect on a running system requires the user to open CAA and confirm their login credentials.  It seems to me that CAA should try to reconnect to the firewall on its own.

Fortunately I've only turned this on for about 5 or so clients.  This would really be annoying on a large user base.

So I would expect this to be fixed sometime soon.  And, if this can be fixed on CAA only, please release and provide new CAA executables and instructions for replacing the CAA instance in the firewall so the new version is presented on the client portal.