global protect and OTP

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

global protect and OTP

L4 Transporter

hey

our GP environment has PA device in cluster running both portal and gateway,

users authenticate to the portal using OTP and GW is also configured for OTP

we can see that users are authenticating and using GP well but when they put the computer into sleep/shutdown and go to other place then GP wont ask them for password again but will try to authenticate the GP with a Cached OTP

causing users to be locked.

does anyone have idea why is it?

4 REPLIES 4

L7 Applicator

Hello Minow,

As per my understanding, it will cache the password while in sleep mode, but if you reboot/restart the laptop, it should ask the password.

I am also expecting few more replies on this topic. Smiley Happy

Thanks

L4 Transporter

Hello Minow

You didn't tell us GP version, but from GlobalProtect-1.2.10-RN.pdf you can read:

Addressed Issues 1.2.10

The following issue has been addressed in this release:

• 60763—After coming out of hibernation, a GlobalProtect client was able to connect without being prompted to authenticate. This occurred even though the user had been unable to save authentication credentials and the option to Allow user to save password was cleared in the GlobalProtect portal configuration (Network > GlobalProtect Portals > Client Configuration). This issue has been resolved so that when the Allow user to save password option is cleared in a GlobalProtect portal configuration, the user is always prompted to enter credentials to authenticate.

Please upgrade to 1.2.10 and try

With regards

Slawek

hey

we are using the 2.0.1 version of GP client

"allow user to save password" is unchecked

and we are using on demand mode

Hi

Even that you don't use 1.2.x I recommended to upgrade to 2.0.2 and if it will happen again create a support case.

Slawek

  • 3051 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!