Globalprotect Smart Card configuration

Reply
Highlighted
L1 Bithead

Globalprotect Smart Card configuration

So my company is working to setup a new PKI infrastructure with smart card logins for the users. I have looked at all the 2FA and associated articles about setting up the VPN but it leaves a lot to the imagination. I followed the steps creating the certificate profile and assigning it to the portal and gateway. But when i test it the issue i arrive at is the initial login to the vpn. If i were to sign into the workstation with my smart card and was already signed into the VPN it may or may not prompt for my pin. If i go into the menu and logout if the VPN it prompts for username and password. 

This could either be a failure on my configuration or a simple lack of understanding on my part. Is an initial login required and then never used again so long as you dont logout? Did i configure things incorrectly and it should login automatically? For reference we are attempting to swap from the existiny LDAP setup that uses the users login credentials to also login to the VPN. Any help would be greatly appreciated.

-
L1 Bithead

Re: Globalprotect Smart Card configuration

L1 Bithead

Re: Globalprotect Smart Card configuration

I am still looking for any help that anyone could provide. Documentation, personal experience, or just to tell me it is not possible to remedy. 

-
L1 Bithead

Re: Globalprotect Smart Card configuration

I'm still looking for anyone with experience with this issue. Or anyone with any reference or instructions that can help me narrow down the issue. The current work around we are going to go with involves enforcing smart card login by group policy. This retains the users login info allowing them to stay connected to the vpn. But this isnt the way we would like to do it. It is just the available alternative. If anyone knows of a solution to my problem please take the time to help out. I feel like its a simple solution that im just not seeing.

-
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!