topic Global Protect certificate auth user/device information in General Topics https://live.paloaltonetworks.com/t5/general-topics/global-protect-certificate-auth-user-device-information/m-p/508665#M105910 <P>Currently we have a GP vpn setup for our mobile devices.&nbsp; We have are doing certificate based authentication, certificate is pushed out through an MDM.&nbsp; Basically if your device has this cert, your device connects.&nbsp; Is there a way to capture or pass through connected user information, for example username, email, etc.?&nbsp; Right now when looking at the GP monitor logs, it displays the source user as our public IP/CN of the cert.&nbsp; This would help to see who is connected or not, since the hostname field is whatever the mobile device is set to.</P> Wed, 13 Jul 2022 16:37:06 GMT emarschang 2022-07-13T16:37:06Z Global Protect certificate auth user/device information https://live.paloaltonetworks.com/t5/general-topics/global-protect-certificate-auth-user-device-information/m-p/508665#M105910 <P>Currently we have a GP vpn setup for our mobile devices.&nbsp; We have are doing certificate based authentication, certificate is pushed out through an MDM.&nbsp; Basically if your device has this cert, your device connects.&nbsp; Is there a way to capture or pass through connected user information, for example username, email, etc.?&nbsp; Right now when looking at the GP monitor logs, it displays the source user as our public IP/CN of the cert.&nbsp; This would help to see who is connected or not, since the hostname field is whatever the mobile device is set to.</P> Wed, 13 Jul 2022 16:37:06 GMT https://live.paloaltonetworks.com/t5/general-topics/global-protect-certificate-auth-user-device-information/m-p/508665#M105910 emarschang 2022-07-13T16:37:06Z Re: Global Protect certificate auth user/device information https://live.paloaltonetworks.com/t5/general-topics/global-protect-certificate-auth-user-device-information/m-p/508954#M105923 <P>you would need to add the username in each certificate (as CN or SAN email) so that information can be pulled in lieu of an authentication username</P> Thu, 14 Jul 2022 11:57:58 GMT https://live.paloaltonetworks.com/t5/general-topics/global-protect-certificate-auth-user-device-information/m-p/508954#M105923 reaper 2022-07-14T11:57:58Z