https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45742#M33622 <HTML><HEAD></HEAD><BODY><P>VSAs are required only when authenticating admin logins to the device, not for Global Protect or Captive Portal.&nbsp; As long as your RADIUS server supports plain text, unencrypted authentication it should work.&nbsp; I don't have any specific information on Deepnet.</P></BODY></HTML> Fri, 07 Feb 2014 19:03:33 GMT JimS2 2014-02-07T19:03:33Z https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45741#M33621 <HTML><HEAD></HEAD><BODY><P>Hi Everyone,</P><P></P><P>I have a client that is migrating to Palo Alto firewalls.&nbsp; I'll be implementing Global Protect SSL VPN replacing the existing Cisco Anyconnect.</P><P></P><P>The client utilizes DeepNet 2-factor authentication for SSL VPN.&nbsp; I was wondering if anyone had any experience implementing RADIUS authentication with DeepNet?</P><P>Do VSAs need to be setup on the DeepNet RADIUS server or can existing groups be used?</P><P></P><P>Thanks for any help.</P></BODY></HTML> Fri, 07 Feb 2014 14:25:14 GMT https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45741#M33621 CafNetMatt 2014-02-07T14:25:14Z https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45742#M33622 <HTML><HEAD></HEAD><BODY><P>VSAs are required only when authenticating admin logins to the device, not for Global Protect or Captive Portal.&nbsp; As long as your RADIUS server supports plain text, unencrypted authentication it should work.&nbsp; I don't have any specific information on Deepnet.</P></BODY></HTML> Fri, 07 Feb 2014 19:03:33 GMT https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45742#M33622 JimS2 2014-02-07T19:03:33Z https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45743#M33623 <HTML><HEAD></HEAD><BODY><P>Thanks Jim.&nbsp; That clears things up.</P><P></P><P>I've just started that project and for some reason the RADIUS is having issues but I'm working with the vendor to solve it.&nbsp; I'll post how well Deepnet works with Palo Alto once I finish this up.</P></BODY></HTML> Thu, 17 Apr 2014 03:32:18 GMT https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45743#M33623 CafNetMatt 2014-04-17T03:32:18Z https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45744#M33624 <HTML><HEAD></HEAD><BODY><P>FYI in case anyone else has to setup Deepnet for 2 factor auth.</P><P></P><P>The RADIUS issues were solved by Deepnet.&nbsp; They had to change something but I'm not sure what but it didn't seem like a big deal to them.&nbsp; After that the RADIUS authentication worked flawlessly.</P><P></P><P>I now have the Deepnet 2 factor setup as well as LDAP login (dual login) and the AD group passes through once I added the NetBIOS name to the RADIUS Auth configuration.&nbsp; I've tested that security policies utilizing AD groups works.</P></BODY></HTML> Fri, 18 Apr 2014 22:47:56 GMT https://live.paloaltonetworks.com/t5/general-topics/deepnet-2-factor-authentication/m-p/45744#M33624 CafNetMatt 2014-04-18T22:47:56Z