This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Globalprotect Smart Card configuration

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Globalprotect Smart Card configuration

j.bartha
L1 Bithead

‎11-04-2019 12:36 PM

So my company is working to setup a new PKI infrastructure with smart card logins for the users. I have looked at all the 2FA and associated articles about setting up the VPN but it leaves a lot to the imagination. I followed the steps creating the certificate profile and assigning it to the portal and gateway. But when i test it the issue i arrive at is the initial login to the vpn. If i were to sign into the workstation with my smart card and was already signed into the VPN it may or may not prompt for my pin. If i go into the menu and logout if the VPN it prompts for username and password. 

This could either be a failure on my configuration or a simple lack of understanding on my part. Is an initial login required and then never used again so long as you dont logout? Did i configure things incorrectly and it should login automatically? For reference we are attempting to swap from the existiny LDAP setup that uses the users login credentials to also login to the VPN. Any help would be greatly appreciated.

-
3 people had this problem.
4 REPLIES 4

j.bartha
L1 Bithead

‎11-04-2019 12:41 PM

These are the instructions I am referring to having followed.

https://docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/authentication/set-up-two-fa...

-
0 Likes Likes

j.bartha
L1 Bithead

‎11-07-2019 08:00 AM

I am still looking for any help that anyone could provide. Documentation, personal experience, or just to tell me it is not possible to remedy. 

-
0 Likes Likes

j.bartha
L1 Bithead

‎11-26-2019 11:04 AM

I'm still looking for anyone with experience with this issue. Or anyone with any reference or instructions that can help me narrow down the issue. The current work around we are going to go with involves enforcing smart card login by group policy. This retains the users login info allowing them to stay connected to the vpn. But this isnt the way we would like to do it. It is just the available alternative. If anyone knows of a solution to my problem please take the time to help out. I feel like its a simple solution that im just not seeing.

-
0 Likes Likes

MansuSupportAcc
L0 Member

‎11-03-2021 04:04 AM

Hi @j.bartha ,

 

Did you finally found a solution?

0 Likes Likes
  • 6206 Views
  • 4 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks