Global Protect Client not asking for passwort

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Global Protect Client not asking for passwort

L2 Linker

Hi there,

we're piloting the GP Client with a few people. Some of them are asked for credentials when connecting (expected behaviour) and some people are not asked for their credentials, but connected successful (not expected).

We definitely haven't turned on SSO. The Clients are all installed by the same software distribution task. Also, I can not see anything suspicous in the logs that leads me to the root cause of the SSO... And, as usual with such issues, I'm not able to reproduce it 😕

Have you experienced this in the past?

Thanks,

Sven

7 REPLIES 7

L5 Sessionator

Hello Sven,

One way to verify is check in the current user for the machine which got connected('Network->Global Protect->Gateways->Remote Users') without credentials and look for that IP address in system logs to see whether has any authentication passed onto portal?

Regards,

Hari Yadavalli

Hi Hari,

I checked the logs again. But I don't see any difference from the globalprotectgateway-auth-succ Event for the users who are asked for credentials and those who are not. They all pass the same auth type: Profile.

Cheers,

Sven

Sven_Lieckfeldt,

and just to confirm... those specific machines were never logged into with credentials prior to this happening?

Thanks!

Please do not forget to mark and 'Helpful' or 'Correct' replies.

Hi mmmccorkle,

sorry for my late replay - I was on vacation.

Yes, they connected for the very first time with this user and on that machine.

Thanks,

Sven

Hi Sven,

Please cross check the GP Portal - client configuration SSO and connect method.

GP ssl.PNG

Regards

Satish

Hi Satish,

that is set to "on-demand" and "Use SSO" is _not_ checked.

Thanks,

Sven

Sven_Lieckfeldt,

You may need to check PanGPS.log and authd.log to co-relate the authentication events.

1). Check PanGPS.log in global protect client installation path for auth events tried by user.

2).  In PAN cli, execute below command for authentication event generated by user.

> less mp-log authd.log
Then type /user-name to search any log for the user and keep pressing 'n' until you don't see any relevant log.

Or you can search for user authentication event in  authd.log using notepad++ after generating tech support file.

Without these logs it is difficult to say what happened.


Thanks

  • 17203 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!