https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/581624#M723 <P>Sorry, I didn't see this. We're trying to do an always-on VPN with GlobalProtect on iOS. We learned through support that SAML is not supported for always-on VPN on iOS.</P> <P>We ended up using certificate-based auth.</P> Mon, 25 Mar 2024 23:28:38 GMT sk_display 2024-03-25T23:28:38Z https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/560695#M598 <P>Hi,</P> <P>&nbsp;</P> <P>Has anyone configured 2FA on iOS? We are looking at the possibility of authenticating iOS users to Prisma Access via GlobalProtect. We understand that we can use client certs on the devices, but is it possible to use 2FA on the iOS devices, and what are the ramifications of using 2FA for the end user, for example will push email stop working if the GP connection times out overnight?&nbsp;</P> Thu, 05 Oct 2023 13:42:05 GMT https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/560695#M598 sk_display 2023-10-05T13:42:05Z https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/565153#M617 <P>I have done MFA on iOS devices with SAML. What type of authentication are you trying to use?</P> Fri, 10 Nov 2023 13:48:42 GMT https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/565153#M617 hpatel11 2023-11-10T13:48:42Z https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/581624#M723 <P>Sorry, I didn't see this. We're trying to do an always-on VPN with GlobalProtect on iOS. We learned through support that SAML is not supported for always-on VPN on iOS.</P> <P>We ended up using certificate-based auth.</P> Mon, 25 Mar 2024 23:28:38 GMT https://live.paloaltonetworks.com/t5/prisma-access-discussions/globalprotect-mfa-on-ios/m-p/581624#M723 sk_display 2024-03-25T23:28:38Z