We have standardized on RSA SecurID for MFA for GlobalProtect VPN MFA, and locking down our internal network assets. I was asked if it is possible to use RSA SecurID MFA for secondary verification for admin accounts logging into our PA-820. I believe it is, but want to confirm. Is anyone doing this on their firewalls?
I tried setting the Authentication Profile for my own admin account on the firewall to the same profile used by our VPN. This is a SASL profile that authenticates against our RSA Cloud Authentication Service. It works fine for VPN, but I get "unknown user or password", specified as my authentication profile.
I have configured Azure SAML for Admins logging into the PA.
Here is the link for RSA MFA
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!