I currently have external contractors using on-demand globalprotect to remotely connect into the network. I have a new request to enable handful of internal users to access a specific server on mobile phones remotely.
if bought a GP gateway license, how can I make sure external users(Laptops) connect the same way i.e RADIUS( OTP) and new internal users on the Android OS will be checked for client certificate authentication and the exisiting RADIUS(OTP) auth method?
Solved! Go to Solution.
This is not so easy as you cannot mix cert and non cert auth on the same portal/gateway.
if you have spare IP's then have one portal for just OTP, then 2 gateways, one for OTP and the other for cert/OTP.
or if you prefer... 2 different portals, one for OTP and the other for cert/OTP and point them to the same gateway using authentication overide...
you will be better off using authentication overide anyhows for OTP,
you may be able to do something special with a loopback interface if you only have one external IP.
@MickBall thank you for the response. can I just create another portal with same interface and IP but with Android as OS and place it on the top of exisiting portal to make sure I meet this requirement?
is this the same scenario with multiple gatewys? I mean first rule match?
@SThatipelly, no, you are not able to have 2 portals with same ip.
you can have 2 portals on same interface but need to be different ip’s.
you are close with your os auths but this will only work if they all use certs or all dont use certs.
the cert auth is global to the entire portal and/or gateway.
do you not have 2nd ip’s.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!