Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Combine two methods for the authentication GlobalProtect Client

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Combine two methods for the authentication GlobalProtect Client

Not applicable

Hello,

I want to know if it's possible to use two factor for a succeed authentication with GlobalProtect Client. I explain it.

In the configuration of GlobalProtect Client, you can define two method for the authentication of the clients (portals and gateways are the same configuration):

- Authentication Profile: you can define LDAP, Radius, local database

- Client Certificate profile: you put a specific certificate Root CA for the validation of the clients certificates

Is it possible to combine the two methods to validate the users for the authentication via Global Protect client ? With an another product like Juniper SecureAccess.

In the documentation, it's specified if you use the method "Client certificate profile" : In this SSL‐VPN configuration, we’re not using another form of authentication. We’re simply utilizing the client certificate to authenticate ssl‐vpn connections.

Thanks for your help the PaloAlto community

Regards,

Arnaud

2 REPLIES 2

Not applicable

Hello,

Anyone test it ?

Regards,

Arnaud

Based on the video at Strong authentication for Palo Alto Secure Access SSL VPN Solutions | Nordic Edge | The Provider of... I think it should somehow be possible (however they are using user/pass + OTP, from your description I think you want cert + user/pass).

Theres a technote also at Palo Alto Networks Integration till Nordic Edge One Time Password Server | Nordic Edge | Levererar ...

  • 2834 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!