I configured Client Authentication Sequence for both GlobalProtect Portal and Gateway for both LDAP and local database. For some reason, only the first item in the list works. It does not seem to try the rest of the sequences in the list. If LDAP is first in the list, then LDAP authentication works but not Local database. If Local databse is first in the list, then local database authentication works but not LDAP authentication. What could be causing this? This is 9.0 version.
Auth sequence is simply a list of possible auth services. It will run down the list until one is accepted.
it is not designed for MFA.
you could look into Globalprotect MFA, there are plenty of links available, i use cert and Ldap.
you could just have local for portal and ldap for gateway.
although this could be less secure if portal is down and client uses cached gateway address.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!