This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Global Protect Client

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Global Protect Client

djrodb
L3 Networker

‎12-14-2011 07:49 AM

Hi

I'm using radius (rsa) to authenticate GP users and can't get me head around the GP client configuration - specifically the section where you need to put a username and password. How can this be possible when the RSA token changes every minute?

Can someone shed some light on this please

Thanks

Rod

1 person had this problem.
0 Likes Likes
7 REPLIES 7

djrodb
L3 Networker

‎12-14-2011 07:58 AM

I should follow up with the following:

I want to use the SSL functionality of the PA and not the full blown GP features. I'm trying to get the same functionality as the older netconnect client.

Thanks.

Rod

0 Likes Likes

djrodb
L3 Networker
In response to jnguyen

‎12-22-2011 02:26 AM

Hi

Sorry I should have been more specific.

Before we updated to 4.x we used net connect to connect to the PA using SSL VPN. We used our RSA tokens to authenticate. I already had RSA configured and working.

The problem we have is since moving to PA 4.x. The global connect client requires a username and password as part of it's configuration. My question is how can you put a password in this field when the RSA tokens changes every 60 seconds. its not viable.

How can users who are using RSA tokens and have a RSA radius profile set up on the PA for authenticaiton actually authenticate without having to put a token passcode into the global protect password every time they connecto the the PA?

Somethings missing and I can't figure it out....

Thanks

Rod

0 Likes Likes

hosmanr
Not applicable
In response to djrodb

‎12-22-2011 08:13 AM

We are having this same issue with no apparent resolution for the issue. We are pushing through support to get some answer so we can move forward otherwise we will need to stay on the 4.0.x code base as we have a mandate from the outside for two-factor in remote access.

0 Likes Likes

FlexyZ
L3 Networker
In response to hosmanr

‎12-23-2011 01:31 AM

I have not been using the globalconnect that much, but I am also aiming for using a 2factor authentication.

Right now I use the normal user/pass approach. So it dont work if you type in a new password in the globalconnect client before hitting the "connect" function?

Thanks

0 Likes Likes

saburkhalid
L0 Member
In response to FlexyZ

‎05-22-2012 10:52 AM

Has Anybody resolved this issue yet becasue I am in the same boat and our customers are not happy. Because of the auto authentication function we keep locking the OTP and the accounts which is very annoying and my customer is thinking of moving.

0 Likes Likes

kkeeton
L2 Linker
In response to saburkhalid

‎01-17-2013 03:39 PM

I would recommend another solution for VPN personally, the RSA/GP solution is not enterprise ready to say the least.

My recommendation if you want to move with this LDPAP auth the portal, RSA the gateway

0 Likes Likes
  • 4864 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks