07-02-2018 08:35 AM
I have succesfully set up local login for GP but struggling to set up LDAP authentication. The CLI test says that its succesfull, but it fails whne using GP
Any tips please?
07-02-2018 08:46 AM
my specific error now is:
GlobalProtect gateway client configuration failed. User name: MY.NAME Client OS version: Microsoft Windows 10 Enterprise , 64-bit, error: Matching client config not found.
Also this is not letting me change to local login, the GP client locks down to using my domain username
07-02-2018 09:03 AM
New Error:
You are not authorised to connect to globalprotect portal
07-02-2018 09:58 AM
Doesn't really seem like it's failing at LDAP auth, sounds like you haven't configured a client config in the gateway configuration (or it isn't configured properly). Might want to verify that you have properly setup the client configuration and then verify that the 'Client Authentication' settings that you've configured on the Gateway are setup properly.
07-02-2018 11:12 AM
Is your GP portal config restricted to certain users.... perhaps a group... if so... try changing to “all”.
07-02-2018 11:55 AM
07-02-2018 01:39 PM
Could someone please take a look at my comfigs and see where I am going wrong? Local authenticated users work fine but I get a variety of errors when I authenticate with LDAP, ranging from no client config available to not authorized to access portal depending on what I change in these settings
07-03-2018 12:44 AM - edited 07-03-2018 12:47 AM
firstly, do you have the same group settings in portal agent, i can only see gateway agent?
so....
from cli.
show user group list
this should display all relative groups and hopefully you will see the one thats blanked out in you agent config.
then...
show user group name "<the relevant group from above>"
this will list all known members of that group. If you check on the gui monitor/system you can see the user authenticating, make sure that user can be seen in the group within cli.
07-03-2018 11:00 AM
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
